Worldcoin Addresses Orb’s Privacy Concerns with Third-Party Audit

Sam Altman Security Worldcoin
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Last updated:
Ad Disclosure
Ad Disclosure

We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. However, this potential compensation never influences our analysis, opinions, or reviews. Our editorial content is created independently of our marketing partnerships, and our ratings are based solely on our established evaluation criteria. Read More
Author
Hongji Feng
Author Categories
About Author

Hongji is a crypto and tech reporter. He graduated from Northwestern University's Medill School of Journalism with a Bachelor's and a Master's. He has previously interned at HTX (Huobi Global),...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more

Worldcoin has released the results of a third-party audit conducted by Trail of Bits focused on its iris-scanning Orb technology.

According to a recent report, Tools for Humanity (TFH) and the Worldcoin Foundation enlisted Trail of Bits to perform a detailed audit of the Orb’s software. This audit went beyond standard security checks to assess specific privacy and functionality aspects of the Orb.

The audit investigated Worldcoin’s Orb devices, focusing on how they handle and secure user data. The findings indicated that the devices do not store personal information, except for iris codes, which are encrypted and uploaded for verification purposes.

Worldcoin Orb’s Privacy Scrutiny

TFH outlined several technical claims to guide the audit, focusing on the Orb’s software as of its July 8, 2023 version.

During the default opt-out signup process, the Orb is designed to collect only the user’s iris code, avoiding any storage or transfer of personally identifiable information (PII) other than this.

The goal is to ensure no PII is written to the Orb’s persistent storage or uploaded from the device, except for the iris code.

For users opting into a more data-inclusive signup flow, any PII saved on the device’s SSD is encrypted asymmetrically, making it inaccessible for decryption by the Orb itself.

The audit also verified that the Orb does not pull sensitive information from a user’s device. The only data collected is encapsulated within a QR code scanned by the Orb.

The handling of a user’s iris code was scrutinized for security. It was confirmed that the iris code is not stored persistently on the Orb, is transmitted in a single request to the backend, and can only be sent to pre-approved servers, secured by end-to-end encryption.

Conclusion Drawn by Trail of Bits

According to Trail of Bits, the analysis “did not uncover vulnerabilities in the Orb’s code that can be directly exploited in relation to the Project Goals as described.”

“While Trail of Bits’ review identified some unconfirmed concerns that could theoretically affect project goals, and the affected code has since been updated,” the report reads. “The audit did not identify any instances where the project goals would be directly compromised.”

More Articles

Blockchain News
South Korean Lawyer Indicted in $7.9M Crypto Scam Probe
Tim Alper
Tim Alper
2025-02-10 03:00:00
Blockchain News
Japan’s SBI Posts Record Crypto Profits; Aims for Nation’s First USDC Listing
Tim Alper
Tim Alper
2025-02-09 23:30:00
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors