Event

The purpose of the Orb is to uniquely identify humans while preserving privacy. It does so by scanning user irises, deciding if they’ve signed up before, and adding them to a global set of zero-knowledge identity commitments. Then, the user owns a private key which they can use to produce zero-knowledge proofs that prove they are human, without revealing which human.

Attackers have an economic incentive to hack inside individual orbs, since getting inside of one means they can generate fake signups, and then later get cryptocurrency. They might also want to steal user biometric information. Thus the Orb’s software and hardware need to be designed to defend against software hacks and physical tampering.

To that end, the OS is architected with a few security mitigations – including secure boot, signed operating system images, verity-mounted filesystem partitions, and write/execution-restricted filesystems.

Everything can always be hacked, and security is the art of thoughtful risk mitigation. The Orb’s OS has been architected in a way so as to minimize the risk of hackers-stealing or government-seizing user biometric data. But of course, things aren’t perfect, so if you have any thoughts on how to hack the Orb, please do send your questions / criticisms.