Identity / Names · Ethereum · Gnosis · Polygon
Proof of Humanity
Proof of Humanity (PoH) is a Sybil-resistant registry of unique humans curated by Kleros. Registrants submit a video + photo + vouch from existing humans; disputes go to Kleros court. PoH v2 introduces soulbound humanity IDs (`humanityId`) that persist across wallet rotations and are bridged across chains, replacing the v1 wallet-bound model.
- 1-human-1-vote DAO governance
- UBI-style distributions (e.g., UBI token)
- Sybil-proof airdrops that need a curated registry
- human-only social or moderation tooling
- quadratic voting with hard humanity guarantees
- `pnpm add viem ethers`
| Variable | Scope | Description |
|---|---|---|
| NEXT_PUBLIC_POH_CONTRACT | Client | ProofOfHumanity v2 contract address on the target chain (e.g. Gnosis 0xe17b...). Read-only. |
| NEXT_PUBLIC_POH_SUBGRAPH_URL | Client | Kleros PoH subgraph endpoint for querying humanity IDs and registration history. |
Use Proof of Humanity v2 to gate features on registered humans. Read the v2 contract via viem: `const isHuman = await publicClient.readContract({ address: POH_V2, abi: pohAbi, functionName: 'isHuman', args: [userAddress] })`; resolve the persistent `humanityId` with `getHumanityId(userAddress)` (or `boundTo(humanityId)` to reverse-lookup the active wallet). For aggregate queries, hit the Kleros subgraph for `humans(where: { registered: true, address: $addr })` and check `vouchesReceived`, `lastStatusChange`, and `expirationTime`. Bind app-level grants to `humanityId`, not the EOA, so users can rotate wallets without losing status. Always treat the registry as eventually-consistent across chains — re-check on the canonical home chain before high-value actions.
- ⚑ PoH v1 (`isRegistered(address)`) and v2 (`isHuman(address)` / `humanityId`) are different contracts with different semantics; v1 is being deprecated, and new integrations must target v2 and use `humanityId` as the stable identifier.
- ⚑ Registrations expire (typically every ~2 years) and require re-verification + re-vouching; gate logic must handle `expirationTime` or you'll stop honoring valid humans the day after expiry.
- ⚑ Submissions can be challenged and removed via Kleros court mid-stream: revocation is real and asynchronous; cache `isHuman` results with a short TTL (minutes, not days) for high-value flows.
- ⚑ PII exposure is severe: PoH submissions include a public selfie video and photo on IPFS, which is the strongest Sybil defense but also the strongest privacy violation in this category. Do not mirror or rehost this data.
- ⚑ Sybil bypass attacks exist: vouching cartels, AI-generated faces, and recycled videos have all been observed; the dispute layer is the actual security boundary, not the submission step.
- ⚑ v2 humanity state is bridged across Ethereum, Gnosis, and Polygon with a home-chain model; reading a side chain can return stale data, so for finality-sensitive checks always read the home chain.
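
The gate logic that the integration notes and caveats above call for (short-TTL caching, expiry handling, a home-chain re-check for high-value actions, grants keyed by `humanityId`), as an added example that is not Proof of Humanity or Kleros code. `createHumanityGate`, `evaluate`, `grantKey`, the injected `readLocal`/`readHome` readers and the snapshot shape are hypothetical; in an app the readers would wrap the contract reads named above.

```javascript
// Added example. Readers are injected so the gate runs offline; each returns an
// assumed snapshot { isHuman, humanityId, expirationTime (unix seconds) }.

// Pure decision: a registration counts only if registered AND not yet expired.
function evaluate(snapshot, nowSec) {
  const live = snapshot.isHuman === true
    && Boolean(snapshot.humanityId)
    && Number(snapshot.expirationTime) > nowSec; // Number() also accepts a bigint
  return { allowed: live, humanityId: live ? snapshot.humanityId : null };
}

function createHumanityGate({ readLocal, readHome, ttlMs = 5 * 60 * 1000, now = Date.now }) {
  const cache = new Map(); // lowercased address -> { at, snapshot }

  return async function check(address, { highValue = false } = {}) {
    const key = address.toLowerCase();
    const nowMs = now();
    const nowSec = Math.floor(nowMs / 1000);

    if (highValue) {
      // Finality-sensitive: skip the cache and the side chain, read the home chain.
      const snapshot = await readHome(key);
      cache.set(key, { at: nowMs, snapshot }); // a revocation seen here sticks
      return { ...evaluate(snapshot, nowSec), source: "home" };
    }

    const hit = cache.get(key);
    if (hit && nowMs - hit.at < ttlMs) {
      // Expiry is re-evaluated on every hit, so a cached result
      // cannot outlive expirationTime even inside the TTL window.
      return { ...evaluate(hit.snapshot, nowSec), source: "cache" };
    }

    const snapshot = await readLocal(key);
    cache.set(key, { at: nowMs, snapshot });
    return { ...evaluate(snapshot, nowSec), source: "local" };
  };
}

// Grants are keyed by humanityId, not the wallet, so rotation keeps the grant.
function grantKey(decision, feature) {
  if (!decision.allowed) throw new Error("not a registered human");
  return `${feature}:${decision.humanityId}`;
}
```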