Proof of Personhood
IRLid lets two people prove they met in the real world — currently requiring nothing more than two phones, two scans, and a cryptographic receipt.
What is Proof of Personhood?
Proof of personhood is a way to verify that a digital identity belongs to a unique, real human being rather than a bot, an AI agent, or a duplicate account. As online systems become increasingly automated, the ability to distinguish genuine human participation from synthetic activity is becoming a fundamental challenge.
Existing solutions often rely on biometric scans, centralised identity providers, or trust in a single company — approaches that can work, but come with trade-offs around privacy, accessibility, and vendor lock-in. IRLid starts from a different angle: instead of asking who you are, it proves that you were physically present with another person at a specific time and place.
How IRLid Works
When two people meet, they complete a short QR-code handshake using their phones. Each device holds a unique ECDSA P-256 key pair generated in the browser. The handshake binds both parties' cryptographic signatures to a shared timestamp and GPS location, producing a receipt that can be independently verified by anyone.
The whole process takes about ten seconds and requires no app download — IRLid runs entirely in the browser. The three steps are:
Step 1 — Show: Person A opens IRLid. Their phone generates a signed HELLO QR code containing their public key, GPS coordinates, a timestamp, and a random nonce. This is displayed on screen.
Step 2 — Scan & Accept: Person B scans A's QR using their phone camera. IRLid opens and automatically creates a signed response that is cryptographically bound to A's specific HELLO. Person B's Accept QR is displayed on their screen.
Step 3 — Verify: Person A opens the Scan page and scans B's Accept QR. The app validates both signatures, checks that timestamps are within 90 seconds of each other, confirms GPS locations are within 12 metres, and combines everything into a single signed receipt. The receipt is uploaded and immediately available to both parties.
Cryptographic Guarantees
Every receipt undergoes multiple verification checks. Here is what each check proves:
ECDSA P-256
Each party signs their payload with a private key that never leaves the device. The receipt contains both signatures, verifiable by anyone using the corresponding public keys.
Hash Chaining
Person B's response contains a SHA-256 hash of Person A's HELLO. This prevents replay attacks — a response is only valid for the exact HELLO it was created for.
90-Second Window
Both timestamps must be within 90 seconds of each other. This ensures the exchange happened in real time, not replayed from an old recording.
12-Metre Tolerance
GPS coordinates from both devices must be within 12 metres. Combined with the time constraint, this provides strong evidence of physical co-presence.
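The four checks above, as run in Step 3, sketched as an added example that is not IRLid's own code. The payload field names (pub, lat, lon, ts, nonce, helloHash), the JSON serialisation, and the use of Node.js crypto in place of the browser's key handling are assumptions made for illustration.

```javascript
// Added illustration, not IRLid's code. Field names and serialisation are assumed.
const nodeCrypto = require('node:crypto');

const MAX_SKEW_MS = 90 * 1000; // 90-second window
const MAX_DIST_M = 12;         // 12-metre tolerance
const sha256Hex = (s) => nodeCrypto.createHash('sha256').update(s).digest('hex');

// Great-circle (haversine) distance in metres between two {lat, lon} points.
function distanceMetres(a, b) {
  const R = 6371000, rad = (d) => (d * Math.PI) / 180;
  const h = Math.sin(rad(b.lat - a.lat) / 2) ** 2 +
    Math.cos(rad(a.lat)) * Math.cos(rad(b.lat)) * Math.sin(rad(b.lon - a.lon) / 2) ** 2;
  return 2 * R * Math.asin(Math.sqrt(h));
}

// The exact serialised string is what gets signed and, for the HELLO, hashed.
function signMessage(payload, privateKey) {
  const body = JSON.stringify(payload);
  return { body, sig: nodeCrypto.sign('sha256', Buffer.from(body), privateKey).toString('base64') };
}

function verifyMessage(msg) {
  const der = Buffer.from(JSON.parse(msg.body).pub, 'base64');
  const key = nodeCrypto.createPublicKey({ key: der, format: 'der', type: 'spki' });
  return nodeCrypto.verify('sha256', Buffer.from(msg.body), key, Buffer.from(msg.sig, 'base64'));
}

// Returns the names of the failed checks; an empty list means the pair is acceptable.
function checkHandshake(hello, accept) {
  const failed = [];
  if (!verifyMessage(hello)) failed.push('hello-signature');
  if (!verifyMessage(accept)) failed.push('accept-signature');
  const h = JSON.parse(hello.body), a = JSON.parse(accept.body);
  if (a.helloHash !== sha256Hex(hello.body)) failed.push('hash-chain');
  if (Math.abs(a.ts - h.ts) > MAX_SKEW_MS) failed.push('time-window');
  if (distanceMetres(h, a) > MAX_DIST_M) failed.push('distance');
  return failed;
}

// Constructed sample helpers: a per-device P-256 key pair and the two messages.
function newParty() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
  return { privateKey, pub: publicKey.export({ type: 'spki', format: 'der' }).toString('base64') };
}
const makeHello = (p, pos, ts) =>
  signMessage({ pub: p.pub, ...pos, ts, nonce: nodeCrypto.randomBytes(16).toString('hex') }, p.privateKey);
const makeAccept = (hello, p, pos, ts) =>
  signMessage({ pub: p.pub, ...pos, ts, helloHash: sha256Hex(hello.body) }, p.privateKey);
```

Returning the list of failed checks rather than a single boolean lets a verifier report which guarantee did not hold for a given receipt.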
Privacy & Data
Right now, IRLid works without biometrics and without requiring any personal information. Your device generates a random key pair — there is no registration form and no email needed just to complete a handshake. This is a deliberate starting point: prove the cryptographic model works before adding layers on top.
That said, biometrics and personal data are not off the table. In future, incorporating them could significantly strengthen the system — for example, making it harder to spoof a handshake by passing a phone to someone else, or tying a device key to a verified identity for higher-stakes use cases. These are improvements, not requirements.
Even today, linking a Google account (and soon, a direct email login) improves the experience in practical ways: your name and profile picture appear on receipts, making it easy to see who you met at a glance. Account linking is entirely optional — the core handshake works the same either way.
Receipts are stored with the public keys of both parties. The receipt JSON is fully transparent — anyone can inspect exactly what data is stored. The core handshake works entirely between two browsers; the backend server is used only for optional features like account linking, receipt storage, and third-party verification. If the server were to disappear, every receipt already issued would remain independently verifiable using the cryptographic data embedded within it.
Use Cases
- Replacing CAPTCHAs: You know those "click every traffic light" puzzles you have to solve to prove you're human? They're annoying, they're getting easier for bots to beat, and they don't actually prove you're a real person — just that something solved a visual puzzle. IRLid takes a completely different approach: instead of asking a computer to guess whether you're human, it uses cryptographic proof that you physically met another human being. That's a much harder thing to fake.
- Proving You're a Real Person Online: As AI gets better, it's becoming almost impossible to tell real accounts from fake ones. One person can run hundreds of convincing bot accounts. IRLid creates a verifiable chain of in-person meetings — if your account has receipts showing you've met real people face to face, that's strong evidence you're not a bot. Useful for voting platforms, online communities, or anywhere that needs to know its users are genuinely different people.
- Event Attendance: Need proof that someone actually showed up to a conference, workshop, or meetup? Instead of relying on a sign-in sheet or a centralised check-in app, attendees can exchange IRLid handshakes. Each receipt is a timestamped, location-stamped, cryptographically signed record that the person was physically there.
- Trust Networks: Every IRLid receipt represents a verified, in-person meeting between two people. Over time, these connections build into a web of trust grounded in real-world relationships — not just followers, likes, or friend requests, but proof that two humans actually stood in the same room.
- Marketplace Handovers: Selling something in person through a marketplace like Facebook Marketplace or Gumtree? An IRLid handshake at the point of exchange creates a tamper-proof record that both buyer and seller met at a specific time and place. Useful if there's ever a dispute about whether the handover happened.
- Compliance & Audit: Some jobs require proof that someone was physically present — site inspections, home visits, witness verification, field audits. IRLid provides a digital record that's independently verifiable and can't be backdated or forged, without needing a centralised system or special hardware.
Open & Verifiable
IRLid is open source. The entire codebase — frontend, backend, and database schema — is publicly available on GitHub. Anyone can audit the cryptographic logic, verify that the signing process is sound, or run their own instance.
Receipts can be independently verified on the Check page by pasting a receipt hash. All cryptographic checks are re-run in the browser — no trust in the server is required.