This video was generated by AI.
How Can We Trust the Internet Anymore?
With AI generated videos of this quality, we will see an increasing number of deepfakes in which it seems like our favorite celebrity, politician, or our own daughter is telling us something in a video recording that was actually a digital creation.
I know multiple founder friends being funded with millions of dollars or who have already sold their company based on allowing people to create deepfake video and audio. They started with lip-sync videos where you record yourself saying things with a filter on as though you put on the mask from Mission Impossible that makes you look like someone else. Then the voice becomes like the actual actor or politician.
Even video calls with a family member who is in a sudden emergency and asking you to send money may be suspect. Deepfake filters allow a person to respond in real time and their face and voice and movements will digitally be altered to appear like someone else.
With the rise of AI deepfakes, how can we trust videos and images on the Internet or even video calls?
Associating an Online Profile With a Real Person
First of all, we need to be able to connect an online user profile with a real identity so we can know who is posting a piece of information.
The blue checkmark on twitter only requires paying money. It makes it more expensive to flood a social media platform with bots, but doesn’t do much more than that.
KYC (know your customer) providers have options where a user may verify their account by uploading an image of their government ID and a liveness test where they turn their head while the selfie camera is on. There is facial recognition linking the liveness test with your photo ID and some of these KYC providers check the codes on the government ID against the government database.
Zero Knowledge Cryptography
Data can be stored with zero knowledge cryptography (ZK) and may be stored on-chain. This means that only the code automatically can do certain things with the data without any human having any way to access the data. For example, someone may write a ZK program which takes two inputs: an image of a government ID and a selfie picture. The program uses facial recognition to check if they match, and it says yes or no. However, all of this occurred automatically through a program that is on-chain and that no one owns and that no one can open up to see the data that is passing through it. Thus, ZK is privacy preserving, and KYC processes can be done with ZK and my friends at Holonym do this process well with the steps of uploading a government ID, a selfie test, and then you receive a proof attached to your web3 wallet showing that you have received your Holo Passport meaning that you have gone through this process and shown you are a real person with a real government ID.
However, now the liveness test is that someone could jailbreak a phone and fake the selfie camera feed with because someone can produce an AI generated video of a person turning their head left and right or even a live face and voice filter. If someone gets an image of a government ID, some soon to be widely available AI tools, and jailbreak a phone, then they may steal your identity.
Other ideas some platforms I know are pursuing include:
Networks of trust where people verify other people when they join a group. I think this sounds easy to have collusion erode this where a particular group decides together to verify a bot.Another option is aggregating digital activity from multiple platforms, though this is an onerous task of connecting all the various platforms to the aggregator. It could make sense to replace these tests with biometrics, which is what “The Orb” does by scanning eyes and recording them supposedly using zero knowledge cryptography, though the software of The Orb has not been disclosed. It is part of the World Coin initiative backed by Sam Altman the CEO of OpenAI where people who are verified as unique individuals receive universal basic income. However, the Orb requires having custom physical hardware that is spread around the world and that is unfamiliar to people.
An alternative biometric that is far more commonly available consists of fingerprint scans. In 2018 around half of all phones shipped included this but by 2022 around 80% included them. I’m not sure how many laptops have fingerprint scanners, but a person can simply be prompted on their phone to scan their finger and then they are logged in to a platform on the laptop.
But if someone does the government ID and facial recognition test then adds the third item of a fingerprint, then it could still be someone else’s fingerprint. Perhaps we need some physical hardware for someone to show their passport and face and have their fingerprint scanned.
Hardware
I wrote this blog post while on the plane from Texas to Mexico, and upon arriving I saw an automated immigration gate where you simply scan your passport, look at the camera, take a receipt, then the gate opens for you. No stamp on your passport, only one person attending several gates at once, and it was a rather smooth process.
If this process ends up requiring some trusted authority to check that it is a real person walking up to a camera and not just a video or a filter, then airports around the world already have all the hardware and the precedent and the staff. With a supervised process, dedicated hardware in an environment where it is difficult to tamper with, perhaps this could be considered trustworthy. Then, once the stamp or nft or proof is attached to your web3 wallet that you have done this process and that proof associates identity with your fingerprint, then you can access various platforms that integrate this through your fingerprint.
Transferrability
Ideally, the proof can be revoked/transferred by someone else through a two of three multi-sig signing functionality. This basically means that the control of your digital passport has 3 digital keys.
Your web3 wallet has one of the keys.
Another friend you choose has a key.
A trusted third party company/authority has the third key.
If you ever dislike what the third party does, you and your friend can switch the passport to be in a new wallet.
If your web3 wallet is ever compromised and someone else gains control of it by finding your secret key, then you can contact your friend and the third party and they will switch it over to a new uncompromised wallet for you.
There is also an idea shared by a friend of mine who worked at Scale AI that phone and computer cameras can include metadata on images and videos that are captured showing the time, place, and what device captured it, and this metadata may be attached even before the media hits the storage of the device. I may consider introducing him to another friend who is selling half a million custom phones this year. This could go beyond simply showing the identity of who controls a user profile, this could also verify information about the content that user profile is posting.
In the end, I am annoyed that I don’t have an immediately trustworthy solution that can be implemented now with purely software. Multiple previous iterations of this blog post ended with “shit, I just realized that doesn’t work.” I guess there’s something about being in person to prove you are a person that just makes sense.
Anyways, you can imagine that platforms like twitter/x could add this as an option to verify your identity and so someone can know this profile is indeed Biden who is posting these things.
Should We Create a Crowdfunded Prize to Create a Deepfake Proof ZK KYC Solution?
I am wondering if I should just put out a prize for someone to integrate holonym or reclaim protocol with ZK proofs attached to Polygon ID as an option for users to be verified on nsforum.org and other platforms I help build and call it a day. I guess that’s the best I can do for now.
I plan to ask others who are more knowledgeable than me their thoughts and perhaps if we develop a good solution to integrate to nsforum.org then we can use that as proof of concept for platforms such as farcaster, x, and other platforms to adopt next
This is also posted on the network society forum: https://nsforum.org/t/how-blockchain-can-save-the-internet-from-deepfakes/37