Sign in Subscribe
capitalism

The human problem crypto kept deferring

Humanode Core

6 min read
Share
The human problem crypto kept deferring

Part one ended with the protocol's core blindness: it cannot tell a human from a hedge fund. That problem has a name, Sybil resistance, and the space has been failing to solve it since before most people knew what a DAO was. This is the gap between control and uniqueness.

Read Part 1: How a revolution got tamed, and what we have to build next

Airdrops are the easiest place to see what that gap actually costs. The original idea made sense: reward the people who used a protocol early, helped create network effects, took risks, and gave the thing life before it was obvious. Then the market learned the pattern and people started exploiting it.

The same problem appears in governance, public goods, free tiers, AI credits, Discord roles, Telegram campaigns, and almost any system where access or rewards depend on participation. When a system rewards wallets, transactions, or community activity, people learn how to produce those signals.

Transparency helps you see account movement, but it still leaves the human question unresolved. You can watch each address in a vote and still miss whether the vote reflects a broad community, a few large actors, a coordinated group, or a farm that understood the rules better than normal users did.

When the system can read capital more easily than people, capital starts filling the empty space. If more stake gives more influence, capital stakes. If more tokens give more votes, capital buys. If more wallet activity gives more eligibility, capital funds activity across wallets. If early participation gets rewarded, people learn how to produce the appearance of early participation. The system does not need to announce that money has become the real citizen. It only has to keep rewarding things money can multiply.

This is where the language starts doing more work than the data can support. A protocol can say it is decentralized because many wallets hold the token. A DAO can say the community decided because a proposal passed on-chain. An airdrop can say it rewarded users because many addresses claimed. These statements may be technically true in a narrow sense. Their human meaning becomes weaker when the same actors can appear through multiple accounts, or when capital-heavy actors can shape outcomes while still looking distributed on a dashboard. So, how do we solve the issue of uniqueness in crypto?

The traditional world already has a way to prove personhood to an institution. You send the passport, take the selfie, upload the proof of address, and wait for a vendor somewhere to decide whether today is your day. For regulated finance, KYC has a legal function. It solves a compliance problem for companies.But crypto’s human problem is narrower than that. All we need to do is find a way to count one human once while exposing as little as possible about who that human is.

The space has been running at it since 2019. Proof of Humanity used social vouching and a community court, but people attacked the courts. BrightID mapped social connections between users, but people farmed the graph. Idena ran Turing tests every few weeks to verify humanness, but people were selling solved tests within months. Worldcoin built hardware to scan irises and handed the trust problem to a foundation controlling the hardware supply chain. Each attempt moved the centralization somewhere else rather than removing it.

Vitalik and Weyl named the missing layer in 2022 before most of these attempts had shipped. Soulbound tokens, plural mechanisms, quadratic funding all require the same thing underneath them: a reliable way to confirm one unique human per address. Soulbound tokens ran into a composition attack problem Cornell documented in 2024. Worldcoin built hardware, reached 18 million verified users, and got suspended in eight countries over the same trust question every previous attempt faced. The framework from 2022 was right. The working implementation of the layer it required is what Humanode has been building long before that.

Humanode believes biometric matching inside verifiable confidential virtual machines (CVMs) is a different answer to that problem. What it actually tries to do is simpler than it sounds: confirm one unique living human stands behind a participation slot, without learning who that human is.

That answer can help a network, a DAO, an airdrop, or a community without exposing the person’s identity to the application. The person remains private, duplicate participation becomes harder, and the application gets an answer that cryptography alone cannot provide. 

Each consensus design chooses what kind of scarcity gets influenced. Proof of Work relies on machines and energy, Proof of Stake relies on locked capital, and token governance relies on ownership. Humanode asks a different base question: is this validator or user a unique human? or put it this way: does the wallet belong to a unique human being?

Anyone who has spent time in governance knows humans can be lazy, emotional, bribed, confused, tribal, and extremely committed to bad takes. A human-based system, instead of removing politics, changes the base unit politics works on. 

The useful claim is narrower: systems claiming human legitimacy should have a way to stop capital from multiplying itself into many apparent people.

Biomapper gives any app one signal: this wallet belongs to a unique human, without the app learning who that human is. Airdrops can use it to cap claims per person, DAOs can require human quorum alongside token voting, and free AI access tiers can give one allocation without asking for passports. The adversarial question matters more than the use cases. Liveness detection works against the attack generation it was built for, and deepfake quality has been moving faster than most detection systems update. The system's real defense is that spoofing it at scale costs enough to change the economics of Sybil farming, which is a meaningful bar but not a permanent one.

AI agents make the same problem harder to ignore. If agents can act, trade, post, claim resources, consume compute, enter campaigns, and coordinate across apps, then the internet gets much harder to read. The issue will be software acting at scale inside systems that still use human language for participation, from spam to claims, votes, rewards, compute access, and community activity. A link between an agent and a verified unique human helps draw a cleaner line. Software can act, while systems that count humans can still ask whether a human is actually attached to the action.

Capital belongs in markets, liquidity, ownership, and risk. The problem begins when capital is used as a substitute for people. When a system claims to represent community, legitimacy, personhood, access, or public participation, capital becomes a weak substitute. 

A healthier crypto stack would separate these signals more honestly. Capital can still measure stake and economic exposure, while human uniqueness can support legitimacy and participation… The hard part is building systems where both signals exist without letting one swallow the other.

None of this removes the hard questions around Humanode. A system dealing with human uniqueness has to be held to a higher standard because the risk is real. Biometric matching has false positive and false negative rates, liveness detection has active adversaries, and confidential computing carries trust assumptions that have to be explained rather than assumed. Attestation has to be understandable enough for developers and users to trust the system. Deletion and reset policies have to be clear. 

Governance over the human layer has to be taken seriously. Whoever controls admission into a personhood system controls something more sensitive than any treasury. The sharpest version of this critique is that a biometric oracle deciding who counts as human is a worse centralization point than anything DeFi has built, because the attack surface is identity rather than capital. A decentralized node network helps. It does not fully answer where control sits over the matching model, the liveness detection updates, and the deletion keys.

There is also the human side. Some people will not want to scan, and that concern should not be mocked. Some people may struggle with checks for reasons that have nothing to do with fraud. Some may live in environments where any biometric system feels dangerous because states, employers, or platforms already abuse identity. Some may simply believe crypto should remain wallet-only for as many actions as possible. These are reasonable objections, and the architecture has to answer them rather than wave them away.

Human uniqueness belongs only where the system claims to count people. People should be able to hold assets, send money, use many DeFi tools, deploy contracts, and interact with open networks without proving they are unique humans. If a DAO says community, an airdrop says users, a free tier says one per person, or a grant round says public support, then personhood starts to matter.

Any system that claims to count people needs one thing the wallet never provided: a way to stop one actor from appearing as many.

Crypto built the wallet and left the human question for later. Later is now a six year old unsolved problem with a graveyard of attempts behind it. The next version of this stack either figures out how to count people without turning them into documents or it keeps counting capital and calling the result community. Those are different things. The architecture knows the difference even when the language does not

Sign up for more like this.

Enter your email
Subscribe