POAP Mobile App Update - More Sybil-Resistant Minting with Secrets Game

The secret of the code should be removed and Poap should be a combination of the galxe project and Gitcoin passport Also a simple puzzle game for robots

im not forget money for poap xD Finally, complete authentication of the person does not seem interesting

I thought about games - it would be great to add a fun dinosaur game from google … or games from Sismo https://zikirun.sismo.io/ (they just forked games from Google) It will be more fun. And it will be possible to enter a criterion - to get 2000 points in the game. :grinning:

Here’s an idea:

I’ll try to explain the essence of my proposal:

  • When a person downloads the application, the application will ask for access to the gyroscope (which can determine the movement of a person)
  • And now, in order to successfully mint POAP, you will need to perform real actions in real life - Let’s say you walk 1 mile.
  • This will be good for health as well, as movement helps us stay healthy.

Hello. I strongly support your innovation. After all, if we have to spend energy for mint our POAP, then it will become even more expensive for us. The value of this POAP will be that you will know that all other people just like you played the game and spent your time on it!

Now to the question - what would I suggest to further improve this kind of verification - that the user is human.
:interrobang:It seems to me that you can do something more interactive. For example, these types of tasks:

  • Draw some kind of garffiti (by the way - this can be associated with POAP art - and as a result, make a selection of pictures drawn by people)
  • Write a poem
  • Answer questions (which may be provided by the organizers of the event). To make the answers fun - you can make the answers in the form of pictures!

I use an android phone - Samsung Galaxy - and I have set the text as large as it can go because of my vision. Today I was trying to claim a POAP that was announced on some Twitter spaces and they had a secret word. I didn’t know this gamification thing was coming and didn’t know what to do. Ascending order? What? The instructions were not good. The instructions should have said 'You will have 2 minutes to count up…" or something. Anyways when the numbers got to 3 didgets long they no longer fit in their circles. These numbers should have been displayed in responsive rectangles, not in fixed width circles. Because my assistive tech magnification broke the template of your game I timed out three times and couldn’t complete the game in the allotted claim window.

1 Like

:one:Very logical and interesting! I’m looking forward to trying this out.
However, there was doubt that it would be really nice to do. I have read the comments above and people are saying that the time it takes to play is too long. It’s like forcing a child to play the game he doesn’t want to.:relaxed:

But on the other hand, if there was a choice of games, then the person himself would be able to choose which one he wants!

:two:About sybil-resistant - This is a great innovation. I understand that you have a difficult task. Since the problem is not to reduce the entire WEB3 space to a census of documents - this is contrary to the free Internet. But on the other hand, to prevent farmers from participating in those projects in which they are only for the sake of POAP.

Perhaps for this you can enter a presence confirmation (in online calls) - in which you will need to perform some actions so that the POAP application keeps you logged in. For example, you need to click on the ball that suddenly appears during the conversation - and this would make it possible to prove that the conference participant was listening throughout the entire conversation.

PLEEEEZ no math! It was bad enough to try to do this numbers game when the numbers constantly moved - just with counting up past three didgets it got so I couldn’t do it. If you all put math problems in the app I’d have to pull up the calculator app and then I would time out for sure!! LOL numbers are hard…

1) What do you think of the new changes from the perspective of a collector? Of an issuer?
Gamifying the POAP only increases the time to mint the POAP, but it does not necessarily prevent from the POAPs being minted by those who were not present in the session. For example, consider a case where the secret word is shared in a Telegram group with hundreds of members. In this case, anybody who finishes the game earlier can get the POAP, even by those who were not present in the event! On the other hand, a person present in the session may not be as fast as needed and finishes the game when the POAPs are all over. In this case, it can be frustrating as well.

2) Do you have other ideas for how POAP Secrets could be made more sybil-resistant?
3) What about general ideas for how to distribute POAPs in a more secure or efficient manner?
Generally, a distribution method is expected to satisfy the following requirements. a) It ensures that “only” those attending a given event can get the related POAP. b) It prevents the POAPs from being minted by bots.

Accordingly, recording the audience presence in an event is expected to be considered as the main criterion to receive the POAP. A method similar to what is done by Degen can be used in which an attendee is required to attend a certain amount of time to be eligible to get a POAP. If it is combined with a secret word, it can be against the bots as well. Even though the aforementioned method can prevent from the POAPs being minted by those who were not present in the session, still it is not resistant against multiple minting by one person on multiple devices. A Zero-Knowledge identity proof can resolve this issue.

4) Leave any other thoughts you have below; all feedback is greatly appreciated.
Altogether, to make the POAP-minting sybil-resistant, the POAP app is necessary to be equipped with the following features:

a) It is required to be connected to Discord/Twitter to record the audience attendance for online meeting held on Discord/Twitter.
b) Entering the Secret Word - Currently available.
c) Equipped with a Zero-Knowledge identity proof. For example the POAP app can be equipped with a face-identification provided that the data is encrypted and is not saved.

(sorry not really replying to Orlov. This is directed to the POAP developers.) About assistive tech and accessibility in games. Please refer to the web content accessibility guidelines 2.2 to discover if these required tests are accessible. Anything that is related to vision that doesn’t have a corresponding alternative text will not be accessible to vision impaired users. Remember the 4 categories of disability: vision, auditory, cognitive, and motor. Remember that some users can’t click with their fingers, some can’t do math, some can’t see things that pop up out of nowhere, and some have brain fog. Some users have short term memory loss, some have dyslexia, some have tunnel vision. I know it is challenging to come up with a way to discourage bots that is also accessible to users of various abilities. You could offer a main game that most users can do, then also add a link to an alternative way to verify your humanity for those who cannot complete the game.

I need to add to my previous post: Around an hour ago, I tried the new game after entering the Secret Word and I could not mint the POAP (please see the attached image).
The game even removed the event organizers and they were not able to min the POAP either! Altogether, I do not suggest such a game. My reasons are as follows:

  1. The game is way too long and it can be stressful.
  2. It removes the legit attendees.
  3. It distracts the audience’ attention from the event.
  4. It does not necessarily remove those who were not in the event. Please refer to the example I mentioned above, i.e., the cases where the Secret Word is shared, for example, in a Telegram group, etc.

I would like to comment my impression about this comment:

Remember that there is additional mechanisms to just access the “captcha”, so the bot should identify vulnerable events giving POAPs, with vulnerable I mean: events that are using secret word, have a window enough long to mint the POAP, and have easy access to the secret word, then the bot should be able to decode the secret word from the medium used (voice, video, written), copy and paste that into the POAP app, maybe in an android emulator to be able to run in desktop, in the opened minting window period, and solve the numbers with something like open CV…

I mean, it is something definitely doable, but someone capable of coding such bot, would have so much better incentives dedicating the time, effort and tech for other lucrative uses, so I don’t really get why someone would want to make a bot for this…

Maybe I am missing something, but thinking as an engineer I can clearly identify that there are two possible reasons for POAP inc to implement these mechanisms:

  1. The solution was poorly tested as @yeysus suggested (something totally possible, bearing in mind that POAP is very used to do things like testing in production, as they openly indicate in the issuer guidelines)
  2. The actual intention of these games are not to prevent bots, but to prevent farming, and the goal is to make the minting process so long and minting window so short, so farmers don’t have too much time to accumulate so many poaps…

I didn’t still find any clear proof of a bot capable of farming POAPs, I dunno if that’s actually something happening in the POAP ecosystem, maybe is just farmers, like groups of people colluding together to get as many poap as possible, but definitely using manual methods.

Maybe if POAP decided to expose these supposed bots or farmers patterns the community would be capable of collaborate and suggest more and better solutions together. I am convinced this would be the way, and the web3 way.

1 Like
  • What do you think of the new changes from the perspective of a collector? Of an issuer?
    Not tested it yet but I’m not a fan of a Secret codes. Here are the reasons, First of all, you should consider that maybe not everyone’s internet connection is the same, and there may be connection delays or even outages in between, causing problems with minting POAP. On the other hand, not all people are native English speakers and may make mistakes in hearing words and miss the POAP.
  • Do you have other ideas for how POAP Secrets could be made more sybil-resistant?
    If you ask me in order to prevent farming, a unique code should be considered for each participant. This code can be sent by a bot in Discord.
  • What about general ideas for how to distribute POAPs in a more secure or efficient manner?
    Back in the day, I was very satisfied when POAP was distributed by Degen bot. Because, the distribution was absolutely fair and anyone who participated was eligible to receive a POAP.
  • Leave any other thoughts you have below; all feedback is greatly appreciated.
    I’m a huge fan to be honest and I hope that you could find a fair, easy and safe solution for POAP distribution.
1 Like

Hey @Chynacho

Thanks for your comments and for being a POAP fan! :heart:

We understand the internet or language issues; they could be a problem for minting the POAP.

POAP Secrets is a solution for platforms such as Twitter Spaces.
For Discord Stages, we’re recommending the use of Guild, which is very similar to Degen (Degen no longer provides support)

Thanks for all your feedback; it’s highly appreciated.

Have a wonderful day!

It may not be reasonable to specify the time to receive the popup. Due to the fact that sometimes the internet is not fast enough. The presence of someone who is in the meeting should be registered in a way that if