paint-brush
Crypto-Biometrics: A Better Solution For Trust and Security of Blockchainby@shahmeer
415 reads
415 reads

Crypto-Biometrics: A Better Solution For Trust and Security of Blockchain

by Shahmeer KhanJune 20th, 2022
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

A study shows that 20% of bitcoin is unrecoverable or lost. Social recovery wallets give a fool-proof way to recover a lost wallet, but people still need to remember or save their keys in the first place to avoid the overhead of reaching out to the wallet guardians for recovery. A better alternative being proposed in many research papers is using biometrics to allow access. Crypto-Biometrics is a combination of mathematics, cybersecurity, Sybil resistance, biometric technology, encryption and blockchain technology.

Company Mentioned

Mention Thumbnail

Coins Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - Crypto-Biometrics: A Better Solution For Trust and Security of Blockchain
Shahmeer Khan HackerNoon profile picture

A few days ago, I read an article published by Ethereum's co-founder Vitalik on Social Recovery Wallets. In this article, he emphasized adopting social recovery wallets to prevent loss and theft of crypto due to loss of keys and illegal access by malicious actors. Even though he properly laid down how social recovery wallets are the ultimate solution for this, I still have some concerns about the viability of these wallets. And in my opinion, there’s a better alternative for the trust and security of blockchain.

In this article, I will go over the limitations of social recovery wallets and talk about crypto-biometrics and why it is a more viable solution.

So let’s get straight into it.

Limitations of Social Recovery Wallets

All in all, social recovery wallets are supposed to remove three major headaches for the users

Quoting from Vitalik’s article

1- No single point of failure: there is no single thing (and ideally, no collection of things that travel together) that, if stolen, can give an attacker access to your funds, or if lost, can deny you access to your funds.

2- Low mental overhead: as much as possible, it should not require users to learn strange new habits or exert mental effort to always remember to follow certain patterns of behavior.

3- Maximum ease of transacting: most normal activities should not require much more effort than they do in regular wallets (eg. Status, Metamask...)

Vitalik focused on the issue of users losing access to their wallets due to loss or theft, which in the first place is the major concern we face today and requires solutions to resolve the issue. A study shows that 20% of bitcoin is unrecoverable or lost. Even though social recovery wallets give a fool-proof way to recover a lost wallet, people still need to remember or save their keys in the first place to avoid the overhead of reaching out to the wallet guardians for recovery.

The issue isn’t just lost access, remembering the password or saving your private keys somewhere is also an overhead. Social recovery wallets in normal situations can’t resolve this issue.

Another issue that remains is relying on trusted entities to recover wallet access. In essence, it negates the blockchain’s core principle “trustless ledger”. If we have to trust others for recovering our passwords, then there’s no place for a decentralized web. This method of social recovery isn’t something new. Facebook offers trusted contacts as a recovery method that works on a similar concept.

Theoretically speaking, many issues may arise with social recovery wallets. Imagine this scenario: What if 3 out of 5 guardians die at the same time or what if they aren’t your friends anymore? This and many other theoretical scenarios make social recovery vulnerable.

So, instead of relying on anyone to get back your wallet’s access, we need a better alternative solution. And Crypto-Biometrics is one such solution.

Let’s discover what it is and how it works.

Crypto-Biometrics - A Better Alternative

A better alternative being proposed in many research papers is using biometrics to allow access. However, simply using biometrics isn’t risk-free. Malicious attackers can easily manipulate biometrics data if they gain access. Even if we use cryptography to encrypt and decrypt the data, the risk remains.

What are Crypto-Biometrics?

Advancements in technologies, like AI, paved the way for enhanced biometric identification. The technology is improving with time. However, to use biometrics in a decentralized manner, we need to ensure the integrity of biometrics information. This will help prevent malicious actors from accessing the information and infiltrating the network as a whole. It will also help to prevent Sybil attacks, deep-fakes, and other possible attacks.

This is where the concept of crypto-biometrics comes into play. In simple words, crypto-biometrics is the combination of various technologies. It exists at the intersection of disciplines like mathematics, information security, cybersecurity, Sybil resistance, biometric technology, liveness detection, zero-knowledge proof (ZKP) technologies, encryption, and blockchain technology.

How Crypto-Biometrics Work?

To access your wallet using biometrics, You’ll have to register as a validator node by verifying your biometric information(face biometrics) on a chain. For this, you’ll have to go through a video-based liveness detection and 3D face scan. This will ensure that the registering entity is a living human being. Once proofed, the 3D face mapping of the neural network will be converted to numerical data and encrypted.

Once this process is completed, the public and private keys are created. And you’ll now be able to create a node. After the creation of the node, the encrypted data will be sent to all the nodes on the network for 1 to n matching operations for verification. Note - Your original biometrics data never leaves your node so your identity isn’t shared with anyone on the network.

Here comes the fun part.

Once you become a registered validator node, you can easily log in to your wallet by verifying that you are who you claim to be. This is what the process of verification looks like:

  1. A registered user logs in using biometrics data.
  2. Biometrics liveness detection and anti-deep fake technology verify that it’s a real human being behind the camera.
  3. 1 to n search and matching operations happen in an encrypted space. And since it’s a ZKP based, the only piece of information that is searched for and is given out is; if that user is a registered user or not, and if yes do they own access to the wallet they are trying to log in.

All in all, your crypto biometrics data is user proof of security to access your wallet without even revealing your identity to anyone in the network or any malicious actor whatsoever. In addition, since biometrics data is unique to every human, no bad actors in the ecosystem will ever be able to access your wallet.

One example of companies working on Crypto-biometrics as a proof of identity is Humanode. Humanode is founded by the co-founders of Paradigm. You can read more about the project here.

Summing Up

Although social recovery networks are a good solution for preventing loss or theft, they still are vulnerable. Using concepts like crypto-biometrics we can make crypto wallets fully secured and blockchain can truly be decentralized. Let me know what you think about this in the comments.