Proof-of-Personhood: Redemocratizing Permissionless

Maria Borge, Eleftherios Kokoris-Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly and Bryan Ford

EPFL

1 Talk overview

● Problem ● (PoP) ● PoPCoin ● Conclusions

2 Problem

Control in current permissionless -based cryptocurrencies systems lies in hands of a small number of entities Re-centralization

3 Permissionless cryptocurrencies

● Enable open participation ● Provide pseudonymity ● Avoid double spending attacks ● Extend the blockchain in a secure manner

4 Proof-of-Work

● Special purpose hardware ● Massive consumption of electricity ● Only entities with the resources are able to mine ● Re-centralization!

5 Proof-of-Stake

● Participants use their assets to create new assets ● Rich participants have an advantage, more assets implies faster creation of new assets ● Shareholder corporation that favors the rich

6 Goal

Create a resistant that ensures fair and accessible wealth creation process

7 Talk overview

● Problem ● Proof of personhood (PoP) ● PoPCoin ● Conclusions

8 Proof-of-Personhood (PoP)

Objective: Verify people, rather than identify them

How: Organizing a party and generate tokens

PoP-Token PoP-Token PoP-Token

9 Proof-of-Personhood (PoP)

CoSi - Scalable collective signing Cothority - Collective Authority Linkable ring signatures - Anonymity and accountability in the same context

10 party - Setup

Cothority Organizers

Conode

Conode Configuration-file: - Start, End - Location, Use - Expiration - Organizers’ public keys

Conode

11 Pseudonym party - Setup

Attendees E Public keys Private keys

Configuration-file: - Start, End - Location, Use - Expiration - Organizers’ public keys

12 Pseudonym party

Registration-room Party-room

13 Pseudonym party - Barrier Point

Registration-room Party-room

14 Pseudonym party

Registration-room Party-room

15 Pseudonym party - Termination / Finalization

Cothority Organizers Private key

+ = PoP-Token Conode

Conode

Party Transcript: -Configuration file -Public keys of attendees

-Hash-file of videos Conode -Collective signature 16 Usage of PoP-Tokens

Attendee

Context, M Service Aggregate public Linkable Ring key of trustworthy Signature cothorities

Attendees Attendees ... public keys ... public keys ...

Table with tags 17 Talk overview

● Problem ● Proof of personhood (PoP) ● PoPCoin ● Conclusions

18 PoPCoin

● Open membership: Proof-of-Personhood

● Fairness: Randhound

● Consensus: Byzcoin

19 PoPCoin - Implementation - Setup

1. Set of organizers throw a pseudonym party to create PoP-tokens

2. Attendees authenticate their PoP-tokens

3. If successfully authenticated attendee deposits a public key, to identify as a minter

4. The set of public keys form a minting-pool

20 PoPCoin - Implementation - Minting

1. Minters part of the minting-pool are eligible to create new blocks

2. Last N miners run RandHound, to select the next minter allowed to create next block

3. The process repeats every M minutes, if minter fails a new one is selected

21 PoPCoin - Overview

22 PoPCoin - Deployment

Local cryptocurrency

23 Challenges

We propose a cryptocurrency that builds on:

● Proof-of-Personhood ● Randhound ● Byzcoin

24 Related Work

We propose a cryptocurrency that builds on:

● Proof-of-Personhood ● Randhound ● Byzcoin

25 Thank you!

26 Questions?

27