Semaphore is developed by PSE, an R&D development lab of the Ethereum Foundation, dedicated to testing use-cases for cryptographic primitives. Unlike the other explored options in this section, Semaphore is not a product but a software library that can be used as a building block to create proof-of-personhood solutions. For example, it is used by Worldcoin.
Semaphore library can be used to create groups, and then allow anyone in this group to create content that is cryptographically associated with their group, without anyone but them being able to say who they are exactly. A group is a collection of cryptographic commitments, arbitrarily put together by someone. An identity is the triplet {private key, public key, commitment}.
Users can then use their identity to create anonymous messages as “one unique member of the group”. This is possible because identities can be used to generate a unique and anonymous yet verifiable proof. The proof changes for each scope. The scope is a public information that’s used for each use-case, such as a particular poll or vote. Proofs generated with different scopes are not correlated with each other, yet they are unique for their specific scope.
Advantages
- Simple, flexible, well-maintained, and mature implementation to realize an anonymous yet unique & verifiable authentication system.
Limitations
- The groups can be created by anyone. Without a trusted public key infrastructure to trust the organization that created the group in the first place, the anonymous proofs are useless. Example: I can post as an anonymous American citizen by using Semaphore. But this only makes sense if everyone trusts that the “group of American citizens” was correctly created in the first place.
Could it be useful for our requirements?
In general, the underlying proof mechanism is exactly what is needed to create an anonymous yet unique & verifiable authentication system.
However, Semaphore could only be useful if it was part of a more comprehensive ecosystem of trusted groups. In SSI terms, Semaphore could only be useful if the groups were created and provided by the Issuers directly, and if the proofs could be generated directly from the Verifiable Credentials.
