Ethereum dXdY Causes Controversy Over Face Scan Feature
The Ethereum-based trading protocol dYdX implemented a new feature called Liveness Check. According to an official post, the feature enables users to scan their “image” with a webcam and verified if it has been used to open a different account on the platform.
The feature is non-mandatory and has been implemented to prevent bad actors from taking advantage of promotions, according to the post. The team behind dYdX said:
If you have successfully completed the liveness check with a different account, you will be unable to successfully complete the liveness check again (…). Given that your Ethereum address functions as your account on dYdX, it is trivial to make more than one account. As such, it is quite difficult for a dApp to offer promotions without being Sybil-attacked.
The feature has sparked a debate in the Ethereum community as many believe dYdX is “crossing a line” by asking users to scan their faces to participate in promotions. At the time of writing, the platform is already using the feature to reward new users with $25 on their first $500 deposit.
In order to be eligible for the reward, new users must complete the Liveness Check. Then, new users will be able to claim their rewards.
The team behind dYdX claims they conducted research on the best solution to deter bad actors from launching a Sybil-Attack on their platform. Liveness Checks “offered the best UX for our users to indicate that they are, indeed, one person without revealing their full identity”.
The feature was called a “horrible idea” and a “bribe” for users to provide their personal information and receive money in exchange. Others believe the feature goes against the core values of Ethereum and decentralized finances (DeFi). Chris Blec, host of the “Proof o Decentralization” podcast said:
What dYdX is doing now is just wrong:
1) They’re misleading users on the intent.
2) They know that every face scan they’re collecting is from an innocent. A criminal won’t face-scan but can still use dYdX.
They’re bribing new users to give up privacy just to satisfy regulators.
Ethereum DeFi Changes, Adapts To Regulatory Scrutiny?
dYdX claims that the implementation of the feature was unrelated to regulatory pressures. In August, the U.S. Treasury sanctioned the decentralized exchange Tornado Cash forcing several Ethereum protocols to implement mechanisms to block addresses that have interacted with its platform.
The measures backfired as some users were automatically blocked without justification. Infrastructure providers Infura, dYdX, Uniswap, and others adopted these measures. Many users questioned the decentralized nature of these protocols.
Corey Miller, the author of the post about the Liveness Check and Lead Growth at dYdX, asked a critic the following on their biometric scan feature:
Honest question — what other ways are there to run sybil resistant campaigns in a web3 native way (that actually has good UX)? Goal being a new user wouldn’t have to leave the dYdX sign up flow to verify they are a human.
The data collected from the users will be under the control of dYdX’s provider and won’t be shared with additional third parties, the post clarified.