Proof of Personhood — Claude & I

In 2024, for the first time in the history of the internet, bots generated more traffic than human beings. The public square we thought we were arguing in is, by measurable volume, a machine performance. The question is no longer whether this is a problem, but whether we have the imagination to fix it.

The Manufactured Public Square Propaganda is as old as power. Governments have always understood that controlling the narrative is cheaper than controlling people by force. What is new is the industrial scale at which false consensus can now be manufactured, and the near-zero cost at which any actor, state or criminal, can do the manufacturing.

Consider the architecture of a modern bot operation. A single computer controls thousands of smartphones, each running fake social media accounts across X, Facebook, and Instagram, posting, liking, sharing, and replying with human-seeming fluency. Before the 2024 UK general election, 45 bot-like accounts on X spread divisive political content, posting roughly 440,000 times and reaching over 3 billion views, then adding another 170,000 posts after the election was called.¹ This was not a fringe operation. It was a demonstration of what is now routine.

At least 57 states have deployed social media bots to amplify their messaging.² Russia’s Internet Research Agency seeded American social media with manufactured outrage before 2016. China’s “50 Cent Army” floods international platforms with pro-Beijing narratives. Iran constructs fake American personas, complete with AI-generated faces, to push viewpoints aligned with Iranian interests. In each case, the target is not your opinion. The target is your perception of what other people think. Manufacture enough apparent consensus and real people begin to conform to it.

The AI upgrade has made detection drastically harder. The clumsy bots of 2016, brand-new accounts with no profile picture and a name made of random digits, are largely gone. Their successors have follower histories, plausible biographies, grammatically fluent prose, and the ability to sustain multi-turn arguments. In one experiment testing human ability to identify bots in political discussions, participants were wrong 58% of the time.³ We are losing the detection race, and we are losing it fast.

The Solutions That Do Not Work The obvious response, requiring users to post under their real names, has already been tried at national scale and failed on its own terms. South Korea implemented mandatory real-name verification in 2007, requiring national identification numbers before posting. The result was instructive: the policy produced no measurable decrease in hateful comments or defamation, drove Korean users to foreign platforms that were exempt from the law, and was unanimously struck down by South Korea’s Constitutional Court in 2012 as a violation of free speech.⁴ The Court observed, correctly, that anonymous expression protects dissent from majority pressure. That protection matters.

Anonymity is not an aberration in the tradition of free expression. It is one of its oldest instruments. The Federalist Papers were published pseudonymously. Anti-slavery pamphlets circulated without attribution. Samizdat passed hand to hand in the Soviet Union without names attached. Today, whistleblowers, domestic violence survivors, LGBTQ youth in hostile environments, journalists in authoritarian countries, and political dissidents of every variety depend on the ability to speak without identification. A real-name mandate protects against bots by eliminating the cover that protects the people bots are most often deployed against.

Platform detection algorithms are the other standard response. They are insufficient by design. Social media companies profit from engagement, and bots are extraordinarily engaging. One internal Meta document, later disclosed by whistleblower Frances Haugen, acknowledged that the company’s own “core product mechanics, such as virality, recommendations, and optimizing for engagement, are a significant part of why these types of speech flourish on the platform.”⁵ The fox is not going to audit the henhouse at its own expense.

A Cryptographic Alternative There is a third path, one rooted not in surveillance but in mathematics, and it resolves the central tension between accountability and anonymity.

The framework is asymmetric cryptography, the same mathematical foundation that makes Bitcoin work. In that system, every participant holds two keys: a private key that only they possess, and a public key used to verify their identity. A transaction signed with a private key can be verified by anyone who knows the corresponding public key, but the private key itself cannot be derived from the public key.

Applied to social media, the mechanism works as follows. At registration, a person receives a private key derived from their DNA signature. When creating an account on a platform, they present their public key to that platform privately: it is shared only between the user and the platform, never exposed to other users or the public internet. The platform stores it as a behind-the-scenes credential confirming that this account belongs to a verified human, and enforces a strict one- account-per-credential rule. Every post is then signed with the user's private key and verified by the platform silently. Other users see only whatever display name the account holder has chosen, whether a real name on Facebook or an anonymous handle on X. Nothing links that display name to a key, and nothing links the same credential across platforms. A bot cannot sign a post without a valid private key. A bot farm cannot generate valid private keys at scale because each one is issued only in exchange for something that cannot be industrially reproduced: a human DNA signature.

How the System Works Registration and key lifecycle 1. In-person registration. A person visits a registration office and provides a DNA swab. No name, date of birth, address, or identification document is required or recorded.

2. Key generation. The DNA sample is processed to extract a minimal set of high-variability, non-coding markers. A cryptographic key pair is generated from this signature. The physical sample is immediately destroyed.

3. One person, one key. The derived hash cannot produce a DNA profile. A properly implemented collision-resistant hash of a sufficiently large set of non-coding markers makes reconstruction computationally infeasible under current and foreseeable capabilities. This is not an automatic guarantee: it depends on implementation choices that must be specified, audited, and updated as computing power advances. If the same DNA is presented again, the system issues a new key pair with a later timestamp, automatically superseding all prior keys. There is no distinction between first registration and recovery: the mechanism is identical in both cases.

4. Platform registration. When creating an account, the user privately presents their public key to the platform. The platform stores it as an internal credential, never visible to other users or third parties. It uses this key to verify post signatures and to enforce one account per credential. The user's visible identity is whatever display name they choose: a real name, a pseudonym, or anything in between. The same person can be findable by name on one platform and completely anonymous on another, with no linkage between the two.

5. Key recovery. If a private key is lost or compromised, the user returns to any registration office for a new swab. A new key pair is issued with a later timestamp. When the user re-registers on each platform with the new public key, the platform replaces the old credential. Posts signed with the superseded key are no longer verifiable and are treated as unverified. No central revocation database is required: the user drives their own recovery, platform by platform, and time ordering does the rest.

Why DNA and Not Something Else Iris scans, the approach taken by Worldcoin, come closest to the same uniqueness guarantee, but they carry vulnerabilities that DNA registration avoids. Vitalik Buterin, co-founder of Ethereum and a careful analyst of the Worldcoin model, identified the central weakness: a user could be coerced into scanning their iris while showing a public key belonging to someone else, registering another person’s biometric against their own key.⁶ In-person DNA registration, conducted in a witnessed environment comparable to a notary’s office, eliminates this attack. You cannot coerce a DNA registration any more than you can coerce a notarized signature.

Social graph-based verification, where existing verified humans vouch for new ones, fails under adversarial conditions. Collusion rings can game it. It scales poorly and excludes people without existing verified networks, precisely the populations most in need of protected speech.

DNA is the one biometric that is genuinely irreproducible at scale. A bot farm can rent thousands of phones. It cannot rent thousands of human genomes.

Answering the Objections Does this not create a genomic surveillance database?

No. A cryptographic hash of a DNA signature is a one-way function. You cannot reverse it to reconstruct a DNA profile any more than you can reconstruct a private key from a Bitcoin address. The physical sample is destroyed at registration. What persists in the world is a string of characters with no biological information content. Critically, the genomic privacy argument is in any case substantially moot: commercial ancestry databases have already mapped the genomes of the majority of Americans through voluntary participation. The marginal privacy cost of this proposal, relative to the existing baseline, is negligible.

What about whistleblowers and dissidents who cannot safely register?

A public key is as anonymous as a Bitcoin address. It reveals nothing about the person who holds it. A whistleblower posting under a DNA- verified key is no more identifiable than one posting under a pseudonym today, with one crucial difference: their posts cannot be drowned out by a bot farm posting ten thousand replies. The protection of anonymity is preserved. The bot’s ability to manufacture false consensus around them is eliminated. There is a real and separate concern, however, that in-person registration imposes barriers on refugees, undocumented people, those in conflict zones, and others who cannot safely travel to a registration site. Any implementation must treat access as a design constraint, not an afterthought, and provide pathways for populations that existing identity infrastructure already fails.

What about identical twins?

Monozygotic twins share essentially identical nuclear DNA and represent approximately 0.3% of the population. They would provide supplementary distinguishing information at registration, a secondary biometric used solely to differentiate the pair, with no implications for the remaining 99.7% of users. The edge case has a narrow, targeted solution that does not alter the system’s architecture.

Who operates the registration infrastructure?

This is the genuinely hard question, and honesty requires acknowledging it. Any institution that issues and recovers keys holds significant power over participation in online public discourse. The governance model must be international, decentralized across multiple jurisdictions, and insulated from capture by any single state. That is an unsolved political problem. It is not, however, an unsolved technical problem. The cryptographic architecture works regardless of which governance model wraps it. The governance layer must also address a specific abuse vector: a state or coercive actor forcing mass re- registrations to invalidate established accounts and silence voices. The timestamp supersession model that makes key recovery simple is the same mechanism that makes this attack possible. Mitigations exist, among them cooling-off periods, witnessed re-registration, and challenge processes, but they require deliberate institutional design. Getting the governance right is the work of the next decade. It should begin.

The Mathematics of Trust Every serious attempt to solve the bot problem at the platform level has failed, because the incentive structure of advertising-funded social media makes aggressive bot removal financially irrational. Bots generate engagement. Engagement is what advertisers pay for. Asking platforms to eliminate bots is asking them to voluntarily reduce their revenue. It has not worked and it will not work.

The solution has to operate at the infrastructure level, below the platforms, as a condition of participation rather than a feature of moderation. Asymmetric cryptography is already the infrastructure of digital finance. It protects trillions of dollars in transactions every day with mathematical guarantees no human moderator can match. There is no principled reason it cannot protect the integrity of public discourse with equal rigor.

This proposal is not surveillance. It is not a real-name system. It is not a government database of speakers. It is a mathematical proof, issued once, in person, that the entity signing a post is a human being. The post itself remains as anonymous as the author chooses. The argument stands or falls on its own merits. The manufactured army behind it does not.

We already require proof of personhood to vote, to drive, to open a bank account. We do not consider those requirements for surveillance. We consider them the conditions under which shared institutions function. Public discourse is a shared institution. It is time to extend the same logic.

You prove you are human once. The internet never needs to know who you are again.

Notes & Sources

1Help Net Security, “The architecture of lies: Bot farms are running the disinformation war” (October 2025). helpnetsecurity.com

2Quillette, “The Kremlin’s Bots, Trolls, and Influencers” (November 2024). quillette.com

3Help Net Security, “The architecture of lies” (2025), citing Mastodon experiment data on bot identification accuracy.

4NBC News, “Real names no longer required online: South Korean court” (August 2012). nbcnews.com

5Amnesty International, “Myanmar: Facebook’s systems promoted violence against Rohingya” (September 2022), citing internal Meta document disclosed by Frances Haugen. amnesty.org

6International Finance, “Worldcoin, ‘proof of personhood’ and the privacy debate” (2023), citing Vitalik Buterin’s published analysis. internationalfinance.com Opinion June 20th 2026