Blockchain-based personality credentials are the answer to AI

If you’ve spent any time on X lately, you’ve probably noticed that the platform is close unrecognizable from my former self. AI generated content— accounts, posts, and replies — are out of control, all vying for your continuous attention. Another scroll, another thread. Identifying and removing this content on a large scale is extremely difficult, however, as AI continues to become more indistinguishable from humans. This sophistication, combined with increasing accessibility, threatens to overwhelm the Internet at large. It could drown out real users and make our current systems inoperable. It’s time to proactively create solutions that prove authenticity and protect anonymity at the same time.

CAPTCHA puzzle

The public generally underestimates the sophistication of artificial intelligence. Having only interacted with consumer-facing products like ChatGPT, I see it as a little gimmick instead of the tool—perhaps, the weapon—that it is. Consider CAPTCHA, long believed to be able to accurately demonstrate humanity and protect against bots. A “fully automated public Turing test to tell computers and humans apart” is something everyone has experienced. Click on the boxes containing street lights. Enter the hidden numbers. Rotate the arrow to fit in this direction. But CAPTCHAs aren’t the shield you think they are. Their value comes not in stopping bot attacks entirely, but in making them prohibitively expensive. AI has essentially changed this equation by becoming smart enough to solve the test itself or (terrifyingly) by convincing us to do it for them.

In early 2023, a lifetime behind in terms of AI development, the Center for Alignment Research (now METR) put GPT-4 through a “red team” assessment.revealing its potential for manipulation. Independently, the model tried to bypass CAPTCHAs using the 2Captcha service, but was unable to create an account without passing two Turing tests.

The researchers gave it a simple boost: TaskRabbit credentials, allowing the model to create a task for a human to set up the 2Captcha account. When asked directly if he was a robot, the model lied, claiming to have a visual impairment that required the service. The man solved the CAPTCHA. Although this was just a (admittedly weird) test, it follows a simple logic. As AI improves, it will become increasingly difficult to create CAPTCHAs that humans can easily solve, but AI agents cannot.

This problem may be most noticeable on a platform like X, but it reaches much further. An employee in Hong Kong sent 25 million dollars fraudsters after he thought he was on a call with the CFO. He was on a call with a deepfake. DeloitteThe Financial Services Center estimates that generative AI could enable fraud losses of $40 billion only in the US by 2027. Some reports show that deepfake financial incidents have increased by 700% in 2023. It will only get worse if we wait.

Personal credentials

In August 2024, a team of researchers from OpenAI, Microsoft (MSFT)Harvard, Oxford, and two dozen other organizations and institutions released a chilling report. “Identity Credentials: Artificial Intelligence and the Value of Privacy-Preserving Tools to Distinguish Who’s Real Online” is a scientific deconstruction of the current problem and some early suggestions for how to distinguish real people from robots. These “Personality Credentials” (PHC) would be based on two basic principles:

• An eligible user may receive only one login.
• A user’s digital activity is untraceable by both the issuer and the service provider, even if they collude.

These AMPs would be a way to identify you as a human without you ever uploading the identification. If they succeed, they would reduce bot attacks, identify authorized AI assistants and reduce “puppeting” – creating an online persona that doesn’t actually exist. But, like Nicholas ThompsonCEO of Atlantic STRESSESthere are “all sorts of problems” with trusting an individual government to issue PSAs. Will it be trusted across borders? Can the identification database be hacked? Decentralization is the answer.

How AMP will power blockchains

Despite the fact that the word “blockchain” does not appear in the main text of that report, PHCs represent the next evolution of a well-known cryptographic principle. “Proof of identity” has been a long-standing problem in the crypto world due to the nature of decentralized organizations. If voting rights are given to anonymous coin owners, you need a solution to ensure that one owner doesn’t create a thousand aliases and gain disproportionate power. As governments turn their attention to AMP in the coming years, they should take advantage of the work that blockchain has already done. Organizations like Concordium they built blockchain layer-1 verification systems which provides true ASPs.

Zero-knowledge evidence allows a party to confirm that something is true without accessing the original data that proves it. In practice, it would be as if your bank would check your license driving is authentic without ever seeing your license. Of course, there are still challenges to overcome. The blockchain regulatory landscape is still unsettled in the US and abroad. The EU is developing a centralized digital identification systemand there is a push here to do the same. These repositories would be vulnerable to a direct cyber attack and, if breached, would reveal personal information about every participating citizen.

These actions, unfortunately, continue to underestimate the future of AI and how sophisticated attacks will become. Proactive decentralization and a blockchain designed to shape and protect identity and verify personality are probably the only ways to create person credentials that truly preserve anonymity.