# What Is Proof of Personhood?
**Proof of personhood (PoP)** is a verification mechanism that confirms a real, unique human is behind a digital identity – without requiring them to reveal who they are. It answers two questions at once: *Are you human?* and *Is this your only account?*
Unlike traditional identity verification (KYC), which asks *who are you?*, proof of personhood asks only *are you a unique person?* This distinction is what makes it privacy-preserving by design. Users prove humanness and uniqueness without exposing names, documents, or biometric data to third parties.
The term was formally introduced in a [2017 academic paper by Borge et al.](https://berkeley-defi.github.io/assets/material/Proof%20of%20Person.pdf) and has since become the standard term used across research, industry, and regulation – including by [Vitalik Buterin](https://vitalik.eth.limo/general/2023/07/24/biometric.html), [MIT and OpenAI](https://arxiv.org/abs/2408.07892), and [Wikipedia](https://en.wikipedia.org/wiki/Proof_of_personhood).
***
### Why Proof of Personhood Matters
The internet has no built-in way to verify that an account belongs to a real, unique human. This makes digital systems vulnerable to **Sybil attacks** – where a single actor creates many fake identities to manipulate outcomes.
This problem is accelerating. AI agents can now pass CAPTCHAs, generate realistic profiles, hold convincing conversations, and operate autonomously at scale. In a [2025 survey by CoinGecko](https://www.coingecko.com/research/publications/proof-of-personhood-participation-willingness), over 65% of crypto users said distinguishing humans from AI online is "very important."
Proof of personhood provides infrastructure to protect token distributions and airdrops from farming, enable fair one-person-one-vote governance, secure quadratic funding mechanisms, distinguish human users from AI agents, and replace CAPTCHAs and KYC with privacy-preserving verification.
***
### Proof of Personhood vs. Proof of Humanity vs. Proof of Human vs. Human Verification vs. Decentralized Identity
Several terms circulate in this space. They describe overlapping but not identical concepts.
#### Proof of Personhood (PoP)
The academically established, industry-standard term. Formally defined in research literature as a mechanism that ensures each unique human obtains one – and only one – credential or participation token in a system. The [Wikipedia entry](https://en.wikipedia.org/wiki/Proof_of_personhood), Vitalik Buterin's writing, and the MIT/OpenAI personhood credentials paper all use this term. Proof of personhood implies a **persistent, reusable credential** – not a one-time check.
#### Proof of Humanity (PoH)
Used in two distinct ways. First, as a specific protocol: [Proof of Humanity](https://proofofhumanity.id/) is a Kleros-backed Ethereum registry that uses video submission and social vouching. Second, as a generic phrase used loosely as a synonym for proof of personhood. Some technical writing draws a useful distinction: proof of humanity as a **momentary verification** versus proof of personhood as a **long-lived credential** that persists across sessions and applications.
#### Proof of Human
A branded, consumer-facing term used primarily by World (formerly Worldcoin) in their 2025 positioning. It describes the same core concept but is specifically associated with their iris-scanning hardware approach.
#### Human Verification
The broadest, most intuitive term – and often the first thing people search for when they encounter this problem. Human verification refers to any mechanism that confirms a real person is behind an interaction: CAPTCHA, liveness checks, phone number verification, email confirmation, or biometric scans.
Proof of personhood is a specific, more rigorous form of human verification. Standard human verification only asks *"is this a human?"* – it does not ask *"is this a unique human?"* All proof of personhood is human verification, but not all human verification is proof of personhood.
#### Decentralized Identity (DID)
Decentralized identity is the broader infrastructure layer that lets individuals own, control, and selectively share their identity credentials without relying on a central authority. It encompasses standards like [W3C Decentralized Identifiers (DIDs)](https://www.w3.org/TR/did-core/), Verifiable Credentials (VCs), and self-sovereign identity (SSI) frameworks. Proof of personhood is one specific application of decentralized identity – arguably the most foundational one.
***
### How Proof of Personhood Works
There is no single method. Every approach involves trade-offs.
#### Biometric Verification
Uses unique physical traits – facial recognition, fingerprints, iris scans, or palm recognition – to confirm identity and uniqueness.
**Strengths:** High uniqueness assurance; difficult to forge at scale. **Limitations:** Requires specialized hardware or trusted biometric collection points. Creates single points of trust for sensitive data. Hardware dependency creates access barriers.
#### Social Graph Verification
Uses networks of mutual attestation – people vouch for each other's humanness. Graph-analysis algorithms detect clusters of fake identities.
**Strengths:** Fully decentralized; no biometric data collection; community-driven. **Limitations:** Vulnerable to coordinated collusion; difficult to bootstrap without existing network coverage.
#### Synchronous Verification Events
Requires participants to perform tasks at a specific time – solving puzzles, attending sessions – leveraging the fact that one person cannot be in two places at once.
**Strengths:** Strong uniqueness guarantee without biometric data. **Limitations:** Excludes people with scheduling constraints; vulnerable to AI advances that could solve verification tasks automatically.
#### Government-Issued Credential Verification
Uses existing government IDs as the root of trust, then applies zero-knowledge proofs so verification happens without exposing the underlying document.
**Strengths:** Leverages globally deployed identity infrastructure; strong legal backing. **Limitations:** Excludes undocumented populations; ties identity to state systems; less decentralized.
#### Credential Aggregation (Multi-Signal Approach)
Collects and scores multiple identity signals – social accounts, on-chain activity, government credentials, biometric checks, community vouching – and aggregates them into a composite score. No single data point is decisive.
**Strengths:** No specialized hardware needed. Modular and privacy-preserving. Degrades gracefully if one signal is compromised. Accessible to anyone with a phone and internet connection. **Limitations:** Individual signals can be weak in isolation; strength depends on the diversity and quality of the signal set.
***
### Proof of Personhood Projects
| Project | Method | Trade-offs |
| -------------------------------- | ------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **World** (formerly Worldcoin) | Iris scanning via proprietary Orb hardware | High uniqueness assurance. Requires physical device access; biometric data cannot be reset if compromised; has faced regulatory action in multiple jurisdictions. |
| **Humanity Protocol** | Palm recognition | Markets as privacy-preserving. [Privacy policy](https://www.humanity.org/privacy-policy) permits data sharing with government authorities and third-party ML training; incorporated in British Virgin Islands. |
| **Self** (formerly OpenPassport) | NFC passport scan + ZK proofs | Open source, supports 120+ countries. Single-method: depends entirely on biometric passports; excludes undocumented populations. |
| **Rarimo** | NFC passport scan + ZK proofs | Battle-tested for anonymous voting in Russia, Iran, and Georgia. Single-method (passport only); requires periodic re-verification. |
| **zkPassport** | NFC passport scan + ZK proofs (Noir circuits) | Open source, Aztec testnet integration. Single-method; same passport dependency as Self and Rarimo. |
| **Privado ID / Billions** | NFC scan of government IDs + ZK proofs | Strong ZK implementation. Dependent on state-issued documents, excluding undocumented populations. |
| **Humanode** | Facial recognition (one validator = one human) | Layer 1 blockchain where each validator is a unique verified human. Requires facial biometric; limited validator set (\~10K). |
| **Alien ID** | Multi-signal (biometrics + social graph + credentials) | Uses CHVP protocol to combine multiple verification signals. Shares multi-signal aggregation philosophy with Human Passport. Smaller scale and ecosystem. |
| **Authena** | ZK proof of humanity (biometrics + social graph + onchain behavior) | Built by FairDAO. Similar multi-signal model to Human Passport with Humanity Points scoring. Narrower scope (airdrop/TGE sybil filtering only). No governance or quadratic funding track record; shorter operational history. |
| **BrightID** | Social graph vouching | No biometrics collected. Requires existing social network to bootstrap; vulnerable to coordinated collusion. |
| **Idena** | Periodic puzzle-solving ceremonies | Avoids biometrics entirely. Requires participation at scheduled times; faces AI solvability questions as LLMs improve. |
| **Human Passport** (human.tech) | Multi-signal credential aggregation | No specialized hardware. Aggregates social, on-chain, government, and biometric signals into a Unique Humanity Score using privacy-preserving cryptography (vOPRFs). Also supports ZK verification of government credentials. |
***
### Proof of Personhood vs. KYC
| | Proof of Personhood | KYC (Know Your Customer) |
| -------------------- | -------------------------------------------------------------------------------------------- | ------------------------------------------------------ |
| **Question asked** | Are you a unique human? | Who are you? |
| **Data collected** | None or minimal (zero-knowledge proofs) | Name, address, ID documents, often biometrics |
| **Privacy** | Preserves anonymity by design | Requires identity disclosure |
| **Reusability** | Credential works across applications | Must repeat per service |
| **Sybil resistance** | Core design goal | Byproduct, not primary purpose |
| **Accessibility** | No documents required (method-dependent) | Requires government-issued ID |
| **Regulatory fit** | Complementary – can satisfy human verification requirements without full identity disclosure | Standard regulatory requirement for financial services |
Proof of personhood is not a replacement for KYC in contexts where it's legally required. It is an alternative for the many contexts – airdrops, governance, social platforms, AI agent authentication – where the question is *"is this a real person?"* not *"which person is this?"*
***
### What Is a Sybil Attack?
A Sybil attack occurs when a single actor creates many fake identities to gain disproportionate influence over a system. The term comes from a [2002 paper by John Douceur](https://www.microsoft.com/en-us/research/publication/the-sybil-attack/) at Microsoft Research.
In web3, common forms include airdrop farming across thousands of wallets, governance manipulation through fake voting accounts, liquidity mining abuse, and quadratic funding exploitation through fake contributors. Proof of personhood is the most comprehensive form of Sybil resistance – it directly verifies that each participant is a unique human.
***
### What Are Personhood Credentials?
Personhood credentials (PHCs) are a concept formalized in a [2024 paper](https://arxiv.org/abs/2408.07892) co-authored by researchers from MIT, OpenAI, Microsoft, Harvard, a16z crypto, and other institutions. The paper has since won a [Future of Privacy Forum award](https://fpf.org/about/privacy-papers-for-policymakers/).
A personhood credential certifies that its holder is a real person – not an AI – without revealing any other identifying information. Key design requirements include one credential per person per issuer, unlinkable pseudonymity, and minimal disclosure.
***
### Use Cases
**Token Sales and Airdrops** – Ensure fair distribution by verifying each recipient is a unique human. Prevents multi-wallet farming.
**DAO Governance** – Enable one-person-one-vote systems instead of plutocratic token-weighted governance.
**Quadratic Funding** – Protect matching pools from Sybil manipulation. Human Passport (originally Gitcoin Passport) was built specifically to solve this problem.
**AI Agent Authentication** – Verify that an AI agent acting on behalf of a human has a real human principal.
**Social Platforms** – Distinguish human-posted content from AI-generated content.
**Reputation Systems** – Anchor on-chain reputation to verified unique humans.
***
### Frequently Asked Questions
#### Is proof of personhood the same as proof of humanity?
They describe the same core concept. "Proof of personhood" is the standard academic and industry term. "Proof of humanity" is sometimes used as a synonym but also refers to specific protocols. Using "proof of personhood" avoids ambiguity.
#### Is proof of personhood the same as KYC?
No. KYC asks "who are you?" and collects identifying documents. Proof of personhood asks "are you a unique human?" and can be answered using privacy-preserving proofs that reveal nothing about identity. They serve different purposes and can be complementary.
#### Does proof of personhood require biometrics?
Not necessarily. Biometric scanning is one approach, but it requires specialized hardware and asks users to trust a single entity with sensitive data. Other approaches include credential aggregation, social graph verification, and government credential verification with ZK proofs. The most resilient systems combine multiple methods so that no single signal – and no single entity – becomes a point of failure.
#### Does proof of personhood require scanning my iris or face?
No. That's one specific approach used by some projects, but it's not the only way. Credential aggregation achieves proof of personhood by combining multiple independent verification signals without requiring biometric data collection. Human Passport, for example, computes a Unique Humanity Score from diverse credential sources, allowing users to choose which signals to verify, without storing biometric data.
#### What is Sybil resistance?
Sybil resistance is the ability of a system to prevent a single actor from gaining outsized influence by creating multiple fake identities. Proof of personhood is the most direct form of Sybil resistance – it verifies unique humanness rather than relying on economic barriers alone.
#### How is proof of personhood used in crypto?
Primary use cases include protecting airdrops and token sales from farming, enabling fair DAO governance (one person = one vote), defending quadratic funding rounds, securing reputation systems, and verifying that AI agents have real human principals.
#### What are personhood credentials?
A term formalized by MIT, OpenAI, Microsoft, and other researchers for digital credentials that prove someone is a real person without revealing their identity. They build on proof-of-personhood concepts from the blockchain community and add formal privacy requirements like unlinkable pseudonymity and minimal disclosure.
#### Can AI break proof of personhood?
AI can defeat some older verification methods – CAPTCHAs, basic liveness checks, simple knowledge questions. Modern proof of personhood systems designed around multi-signal aggregation are more resilient because compromising one verification layer doesn't break the others. Systems that rely on a single method face a higher risk of obsolescence.
#### How is proof of personhood different from human verification?
Human verification confirms that a human (not a bot) is performing an action. Proof of personhood goes further: it also confirms *uniqueness*, ensuring one person cannot create multiple accounts. All proof of personhood is human verification, but most human verification is not proof of personhood.
#### How does proof of personhood relate to decentralized identity?
Decentralized identity (DID) is the infrastructure layer for self-sovereign credentials. Proof of personhood is a specific, foundational use case within that infrastructure – verifying that a credential holder is a real, unique human. Once personhood is established, additional verifiable credentials can be layered on top.
#### Is Humanity Protocol actually privacy-preserving?
Humanity Protocol markets itself as privacy-preserving, but its [privacy policy](https://www.humanity.org/privacy-policy) explicitly permits sharing personal data with government authorities, regulatory bodies, and law enforcement – and allows third-party access to user data for machine learning model training. Users concerned about privacy should read the terms carefully and compare them with approaches that are privacy-preserving by cryptographic architecture, not just by policy promise.
#### How is Human Passport different from World?
World requires users to scan their iris at a proprietary hardware device (the Orb) and trust a single entity with their biometric data. Human Passport requires no specialized hardware and no biometric data collection – instead, it aggregates verification signals from multiple independent sources into a Unique Humanity Score using privacy-preserving cryptography. The result is proof of personhood that doesn't depend on a single device, a single biometric, or a single point of trust. Passport helped protect $512M+ in capital to date, and over 2.3M Passports were created.
#### What's the most private way to prove personhood?
Approaches that aggregate multiple credential signals using zero-knowledge proofs – without collecting or storing biometric data centrally – offer the strongest privacy guarantees.
#### What is Human Passport's approach to proving personhood?
Human Passport uses the multiple credential architecture: verification Stamps from independent sources are combined into a Unique Humanity Score using privacy-preserving cryptography, including ZK circuits, with no single entity able to link or trace user activity.
***
*Human Passport provides modular, privacy-preserving proof of personhood infrastructure for web3.* [*Learn more →*](https://human.tech/)
