
Growth · 2 min read
"Verify You're Human" — CAPTCHAs That Break Privacy
🧩 The sybil resistance trilemma: prove uniqueness, preserve privacy, maintain usability. Traditional CAPTCHAs fail on at least two dimensions.

Google's reCAPTCHA—deployed across 5M+ websites according to BuiltWith—generates risk scores based on browser fingerprinting, cookies, and behavioral patterns that fundamentally link sessions to persistent identities. hCaptcha's privacy claims are better but still require some form of cross-session tracking to function effectively. For privacy-conscious Web3 users, these systems are non-starters.

The alternative: zero-knowledge proof of humanity.

The cryptographic primitive is commitment-based set membership. A user proves they belong to the set of "verified humans" without revealing which member they are. The nullifier mechanism—a deterministic hash of the user's secret and the verification context—prevents double-claiming without linking multiple verifications to the same person.

Production implementations exist and are battle-tested:

Worldcoin's Orb creates an iris-based biometric commitment that generates ZK proofs of unique personhood. The biometric data never leaves the device; only the commitment enters the system. Their technical whitepaper details the circuit design achieving both uniqueness and privacy guarantees.

Semaphore protocol—developed by the Privacy & Scaling Explorations team at EF—implements this pattern for on-chain applications. The code is audited, open-source, and documented extensively in their GitHub repository.

For applications requiring sybil resistance without identity infrastructure, the pattern works: generate a user commitment during onboarding, verify membership via ZK proof, and burn the nullifier on claim to prevent reuse.

The privacy/security tradeoff is false. Cryptography solved it—implementation is the remaining challenge.

→ MayWap Protocol | Building private sybil resistance
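To make the commitment / membership / nullifier pattern concrete, here is an added example that is not code from the original post, from Semaphore, or from Worldcoin. It builds a registry of identity commitments as a Merkle tree, derives a context-bound nullifier from the user's secret, and enforces single-use per context. The hash construction, the 32-byte secret sizes, and the `external_nullifier` context strings are assumptions chosen for illustration. One thing this example deliberately does not do: the membership check is a plain Merkle inclusion proof, so the verifier learns which leaf was used. In the real pattern a ZK circuit proves both that the leaf is in the tree and that the nullifier was derived from that leaf's secret, while revealing only the root and the nullifier; that is the step a SNARK replaces here, and the comments mark where it would sit.

```python
import hashlib
import secrets
from typing import Dict, List, Tuple

EMPTY_LEAF = b"\x00" * 32


def H(*parts: bytes) -> bytes:
    """Length-prefixed, domain-separated SHA-256 (stand-in for a circuit-friendly hash)."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(2, "big"))
        h.update(p)
    return h.digest()


class Identity:
    """User-side secrets. Nothing here ever reaches the registry or the verifier."""

    def __init__(self) -> None:
        self.nullifier_secret = secrets.token_bytes(32)  # feeds every nullifier
        self.trapdoor = secrets.token_bytes(32)          # hides the commitment preimage

    def commitment(self) -> bytes:
        # The only value published at onboarding.
        return H(b"commit", self.nullifier_secret, self.trapdoor)


class HumanRegistry:
    """Set of verified-human commitments as a fixed-depth Merkle tree, plus spent nullifiers."""

    def __init__(self, depth: int = 4) -> None:
        self.depth = depth
        self.leaves: List[bytes] = []
        self.spent: set = set()

    def register(self, commitment: bytes) -> int:
        self.leaves.append(commitment)
        return len(self.leaves) - 1  # leaf index; kept by the user, not needed on-chain

    def _levels(self) -> List[List[bytes]]:
        level = self.leaves + [EMPTY_LEAF] * (2 ** self.depth - len(self.leaves))
        levels = [level]
        while len(level) > 1:
            level = [H(b"node", level[i], level[i + 1]) for i in range(0, len(level), 2)]
            levels.append(level)
        return levels

    def root(self) -> bytes:
        return self._levels()[-1][0]

    def path(self, idx: int) -> List[Tuple[bytes, bool]]:
        """Sibling hashes from leaf to root, each tagged with whether our node is the right child."""
        out = []
        for level in self._levels()[:-1]:
            out.append((level[idx ^ 1], bool(idx & 1)))
            idx >>= 1
        return out


def derive_nullifier(identity: Identity, external_nullifier: bytes) -> bytes:
    # Deterministic per (secret, context): same context -> same nullifier (catches double claims);
    # different context -> unrelated nullifier (claims stay unlinkable across contexts).
    return H(b"null", external_nullifier, identity.nullifier_secret)


def make_proof(identity: Identity, path: List[Tuple[bytes, bool]], external_nullifier: bytes) -> Dict:
    # A ZK circuit would output only `nullifier` plus a SNARK; here the leaf and path are sent in clear.
    return {"leaf": identity.commitment(), "path": path,
            "nullifier": derive_nullifier(identity, external_nullifier)}


def verify_membership(leaf: bytes, path: List[Tuple[bytes, bool]], root: bytes) -> bool:
    node = leaf
    for sibling, is_right in path:
        node = H(b"node", sibling, node) if is_right else H(b"node", node, sibling)
    return node == root


def claim(registry: HumanRegistry, proof: Dict) -> str:
    """Verifier side: check membership against the current root, then burn the nullifier."""
    if not verify_membership(proof["leaf"], proof["path"], registry.root()):
        return "rejected: not a member"
    if proof["nullifier"] in registry.spent:
        return "rejected: already claimed"
    registry.spent.add(proof["nullifier"])  # the "burn"
    return "accepted"


def demo() -> Tuple[str, str, str, str]:
    """Constructed scenario: one honest user, two contexts, one non-member."""
    reg = HumanRegistry()
    alice, bob, mallory = Identity(), Identity(), Identity()
    ia = reg.register(alice.commitment())
    reg.register(bob.commitment())
    airdrop, vote = b"airdrop-round-1", b"governance-vote-7"  # constructed context ids
    r1 = claim(reg, make_proof(alice, reg.path(ia), airdrop))    # first claim in context
    r2 = claim(reg, make_proof(alice, reg.path(ia), airdrop))    # same context again
    r3 = claim(reg, make_proof(alice, reg.path(ia), vote))       # new context, fresh nullifier
    r4 = claim(reg, make_proof(mallory, reg.path(ia), airdrop))  # never onboarded
    return r1, r2, r3, r4


if __name__ == "__main__":
    print(demo())
```

The registry never stores anything except the commitments and the spent nullifier set, and the nullifier for the vote context cannot be related to the one for the airdrop without `nullifier_secret`; swapping the cleartext Merkle proof for a circuit that proves the same two relations is what turns this skeleton into the private scheme the post describes.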