Zipwire Documentation
Visit Zipwire
  • πŸ‘‹Welcome to Zipwire
  • Overview
    • πŸ’‘What is it?
    • πŸ™‹β€β™€οΈWho can use it?
    • ✨Our Features
    • πŸš—Can I test drive it?
      • πŸ“¦Setting up Zipwire Approve
      • πŸ“₯Setting up Zipwire Collect
    • πŸ”‘Logins & Invitations
    • 🐒Zipwire Collect: Rapid Onboarding, Effortless Compliance
    • πŸ’ΎData Ownership in Zipwire
  • Zipwire Approve
    • πŸ…How Zipwire Approve is radically different and speeds up pay day
    • β›”Why we don't track start and end times
    • πŸ“¦Unboxing key concepts
      • πŸ“œAccounts
      • ⏲️Timesheets
      • πŸ‘·Senders
      • 🚦Approvers
      • πŸ‘‘Processors
      • ‡️Workflows
      • 🏷️Assignments
      • πŸ“Billing Plans
      • πŸ’±Rate Plans
      • πŸ“¬Teams & Inboxes
      • 🏒Workplaces
      • πŸ›‘οΈClients
      • ✍️The Journal
      • 🀸Activities
      • πŸ’ΈPayment Methods
    • πŸ”²Logical structure
    • πŸ› οΈSet up your workplace
    • πŸš₯Processing stages
    • πŸ’΅Understanding invoicing
    • 🏷️Using assignments
      • πŸ–οΈHoliday assignment
  • Zipwire Collect
    • πŸ—„οΈEffortless Document Collection for Any Need
    • 🟒Get Started
    • 😭IDSP, IDVT, KYC, KYB and AML
      • 🀳Selfie Checks Powered by Yoti
      • ⛓️Blockchain Attestations
    • πŸ“„Using Packs
    • πŸ€–Machine Vision
      • 🀷Failure to Recognise
      • πŸͺͺDocument Types
    • ✍️Manual Entry for Streamlined Information Gathering
    • ✨Creating a Collection with AI
    • πŸ‘€What the Respondent Sees at Their End
    • ♻️Lifecycle of a Collection
    • 🚚Bulk Upload
    • πŸ”Document Inspection
  • Fundamentals
    • πŸ›‘οΈSecurity
      • πŸ“²Authenticator mobile apps
      • πŸ”Two factor in Zipwire
      • Wallet Connections
      • Sign-in with Ethereum
      • Attestations
        • The "IsAHuman" Attestation: Purpose and Limitations
        • The "Private Data" Attestation: Merkle Roots
        • Zipwire’s Master Attester Wallet Address and Public Key
      • Wallet Verification Guide
        • Introduction to Sleeper Wallets and Blockchain Legends
        • How Sleeper Wallets Are Created
        • Verifying Attested Wallets
        • The Market for Selling and Buying Attested Wallets
        • Holistic Evaluation of Ethereum Wallets
        • The Future of Attestations and Wallet Verification
        • Verifying Zipwire’s Merkle Root Attestations for Developers
      • Understanding Merkle Trees and Proofs
  • Use Cases
    • 🎭Identity Checks - Right to Work
    • πŸͺͺCompliance - Know Your Customer
    • 🎨For Senders
      • πŸ’¬Sending journal updates via WhatsApp
      • πŸ€Έβ€β™‚οΈNaming activities
      • ✍️Tracking time in your Journal
      • ⏲️Send your first timesheet
    • πŸ“±Tracking time via WhatsApp
    • πŸ–₯️For Approvers
      • πŸ’¬Approving timesheets via WhatsApp
  • Troubleshooting
    • πŸ”€Tangled Identities
Powered by GitBook
On this page
  • Overview
  • How It Works
  • Use Cases
  • Limitations
  • Best Practices
  • Comparison to Robust Attestations
  • Why It Matters
  • Related Resources
  1. Fundamentals
  2. Security
  3. Attestations

The "IsAHuman" Attestation: Purpose and Limitations

Overview

The "IsAHuman" attestation is a simple verification tool that helps distinguish between human users and bots in the Ethereum ecosystem. While it provides basic protection against automated systems, it's important to understand both its benefits and limitations.

How It Works

The Process

  1. Wallet Connection: A user connects their Ethereum wallet to Zipwire

  2. Verification: The user completes a Yoti ID check to verify their identity and liveness

  3. Issuance: Upon successful verification, Zipwire offers the option to claim an "IsAHuman" attestation to the user's wallet

  4. Recording: The attestation is recorded on the Base blockchain, viewable via EAS Scan

  5. Other wallet-connected apps can see this attestation and that it was made by trusted issuer Zipwire

Privacy Features

  • The attestation is issued directly from Zipwire's Ethereum account to your wallet

  • No personal data is stored on the blockchain

  • No direct link is created between you and your employer or other entities

  • AI agents cannot access your personal information

Use Cases

Combatting Bots

  • Filter out automated systems from dApps

  • Protect social platforms from bot manipulation

  • Ensure genuine human interaction in decentralized systems

Trust Building

  • Add a basic layer of trust for platforms

  • Enable quick verification of user authenticity

  • Provide a foundation for more complex trust systems

Limitations

Security Concerns

  1. No Identity Linkage: The boolean value (true) doesn't tie to specific identity details, i.e. no individual living person

  2. Limited Proof Mechanism: Unlike attestations with Merkle root hashes, it offers no way to verify specific attributes

  3. Transfer Vulnerability: If a wallet is sold or stolen, the attestation remains, potentially misleading others

Best Practices

For Users

  • Don't rely solely on IsAHuman for critical verifications

  • Consider combining it with other security measures

  • Be aware of its limitations when using it for trust

For Platforms

  • Use IsAHuman as a first layer of verification

  • Implement additional checks for sensitive operations

  • Consider more robust attestations for critical functions

Comparison to Robust Attestations

Contrast "IsAHuman" with an attestation of a passport:

  • Passport Attestation: Includes a Merkle root hash of document details (e.g., name, passport number). The holder can provide a Merkle proof to verify specific data without revealing everything, ensuring privacy and trust.

  • Stronger Verification: Such attestations link to verifiable identity data, making them harder to misuse.

Why It Matters

The "IsAHuman" attestation is a lightweight tool for initial trust but shouldn’t be relied upon alone. Platforms and users must combine it with other checks, like transaction history or additional attestations, to ensure a wallet’s legitimacy.

Related Resources

PreviousAttestationsNextThe "Private Data" Attestation: Merkle Roots

Last updated 17 days ago

πŸ›‘οΈ
Understanding Merkle Trees and Proofs
Verifying Attested Wallets
EAS Explorer on Base