Online Sybil resistance and KYC project

I 100% agree. I think we should change our mindset and understand the real meaning of blockchain technology.

I think this is a great step to stop bad actors in the space. The beauty of the blockchain and cryptocurrency is we have the power to build things to make this space better. This is a great step in the right direction to weed out those player. Definitely support this.

Have to admit I donā€™t understand all the technical details.
Connecting the identity to discord seems a good idea but I have seen some discord acc getting hacked
so I think security should be the first priority

Understood Emre, but the issue will remain about what you will get in return for this service then, if the adoption is poor you wonā€™t get a sustainable return (even if you believe your product is superior), at least having a defined fee rather than losing out in the long run should give you a fall-back and of course if your product is superior then projects wonā€™t mind paying for it, especially if they care about reduction of bots.

A suggestion to add for future development, possibly after launch and if enough interest would be there from users. With peopleā€™s wish for anonymity would it be possible to allow different server profiles to come under the one identity? This way people could have a different profile for different ecosystems/types of discords. With the identity covering multiple profiles should one profile be banned and the servers including the feature of removing verification if someone is banned in another server this would still be possible. It could be an option for server admins to allow multiple profiles from one identity if they wish.
This could be monetized on the users end creating a new income stream as a monthly/one off payment. Maybe for each profile or a set number of profiles.

This is something we discuss a lot. In the long run aim is having all in single place making it better and cost-effective for them. For this stage we subsidize the verification cost because lets say there is a discord with 20k users since itā€™s per verification since itā€™s not a low number all price will just fall into single server. If we have an high adaptation at least these costs will be split between servers which allow us to reduce cost. We will just cover set numbers of validation and we will have some packages ready but without actual users and any data itā€™s hard to come up with packages. That early onboarding period will also help us clearing that.

This is a function on discord you can have different identities on different servers. Our identity is matched to discord account. We discuss it and if we find a proper way to do it we could. The problem with that is if the server wants to allow multi profile/account then there is 0 reason for them to add our services to their servers.

I was playing around with discord to see if there could be entirely new profile per server but to me it seems that you can change nickname but still have to keep the same overall name with the number.
It may be that this isnā€™t something thatā€™s needed. Iā€™m sure there will be people out there though that like to keep profiles separate depending on the space they chat in. Example: Crypto servers/Gaming servers.
I agree with the point about multiple users. There may be some reason that a server admin would want to allow it.Right now i cant think of one though.

Couple questions.

  1. Can you describe how AI fits into this, what type of model you will use, which features you are using, etc? Also how much dev time will be going into this side of the project relative to the others?
  2. Also before the AI check in the sequence diagram, can you describe the map check? Is this just scanning a directory of users and whether the identity has already been verified?
  3. How did you arrive at the ~$1-$1.5 per user cost? Also the ā€œ12-15 centsā€ per verification? Dynamo db and lambda are are pay as you go but are these are your main cost drivers? Also how would bot activity factor into these costs (ie how much would 1k bot users cost to reject)?

Would have more questions but start there. I think with this project, the added value is obvious but I think the real risk is how you implement it. I think this should strongly connect to any type of DID initiative within ICON but that is currently immature. If you have good ways of solving the ā€œis this person a botā€ problem, then connecting it to DID and an auth layer around discord is natural route. But that is a big if in my mind.

The ai is one of the methods for acquiring face mapping age estimation etc. We will not utilize any dev time on this since this part is going to be provided by already existing industry leaders. Not all solutions involve ai we are looking in to our options while we are close to finalizing our decision.

So first check creates your face map or vector map again these different between solutions I am just giving examples from one. The map check side is mostly what you write there. While approach is more like how shazam identifies/match music.

The cost is from quotes from few providers we asked on they all have minimum volume commitments and few other aspects too. Cost also differentiate a lot. There are services asking for 50 cent per verification. While everything in the market is resell of 3-4 actual service providers software + their own additional features etc. we donā€™t need those features. Dynamo db and lambda is pay as you go correct. Because of how GDPR and rest of the privacy aspects work. The service providers specifically for face check. They donā€™t offer endpoint or some service where you get a response you host the software. The main cost driver is that. We are hoping to drive that cost down but without signing a agreement we canā€™t get our hands on it so I donā€™t want to give any promise before possibilities there. We are very positive with one provider and will have technical meeting about that part soon.
The way the software work is the map created on client side. Only map data transferred to our servers which is small. Rejection cost is negligible data cost in case you pay for data.

We could integrate with other solutions main aim of our product is making process simple and fast since face scan process is just simple and easy to do. Everyone have a phone with a camera. Considering KYC process and requiring documents to be clear readable etc or other verifications taking time because of review process. This is a simple and fast way to check for 100% the same person is behind same wallet address discord account, whatever you want to check in given moment. The KYC/AML part is something we want to develop in the future. If till that moment someone release a good product for KYC side making privacy and other necessary aspects we care their strong points. Than we can just integrate with them.

Thanks @Emre for the detailed response.

RE #1, that makes perfect sense. Was worried youā€™d be building that yourself but I am sure vendors have good solutions you can utilize.

RE #2, I think actually comparing the images in vector space might still be very complicated and might require require some AI. But my gut tells me that just putting the facial verification / integrating whatever features your identity provider would be enough as that will stop most bot activity I think. Like exchanges doing KYC, they rely on additionally verifying yourself with a bank statement and ID. If those additional attributes are required to get verified (maybe just an ID), then that would be enough to give you some discrete attributes to compare against instead of having to get into comparing pictures and what not in vector space. Anyways, point being I think keeping this simple would help if you can get one more piece of identity like a government document and then doing some simple search in the DB if that person already exists.

RE #3 - Seems like you have to do the AI bit before the aforementioned map check. If that is the case, I think it all breaks down to the contract you sign and if they charge for malicious attempts to verify. Seems trivial to try to negotiate that though as that is what their service is intended to disincentivize. Regarding cloud costs then, lambda and dynamo should be dirt cheap for what you are doing. Main cost just seems to be the verification which you clearly are doing your research. Iā€™d make that clear in the proposal.

And last, would be good to outline how this could connect to ICONā€™s potential DID solution. Seems applicable beyond discord and could be used as a service for anyone trying to use other tools on ICON. So some description or plan about how you can develop a JS SDK so users have the option of integrating it into their apps. Sure others would want to use it. And if your verification vendor also supports KYC requirements (ie the option to require uploading bank statements + some human check), that could be an additional upsell on this project for later as I am sure some regulations will catch up at some point and require that for various applications.

Anyways, thanks for the clarity.

Thatā€™s not charged for 100% If same person keep getting verified over and over. That person charged one additional time. They donā€™t charge for the rest of the verification for that billing cycle.

On that sense the idea of integration of KYC is having fully legal compliant structure with privacy holding zk proof with few data and in long term we hope the face verification will be mostly enough considering zk proofed kyc will also share persons region for sanctions and other regulations. If that would be enough than itā€™s great. In the long run while regulations mature we will see what we can do in that area.