New state bridge update enables permissionless integration with World ID

Oct 11, 2023 5 Minute Read

Contributing Worldcoin developers recently updated the project’s state bridges to use a new architecture that saves gas and enables anyone to easily create a bridge for any Ethereum Virtual Machine (EVM) compatible chain.

With the revised architecture, teams can now develop and operate their own state bridge permissionlessly to integrate World ID with their preferred blockchain and application. This enhancement has the potential to unlock new applications for a sybil-resistant, proof-of-personhood primitive.

What is a state bridge?

A bridge is a mechanism that enables interoperability between two blockchains, allowing data to transfer between them. In the context of Worldcoin, state bridges are used to share the current state of the World ID contracts with other chains enabling developers to leverage proof of personhood on L2s, sidechains and more. 

World ID is represented as a Merkle tree on Ethereum, with each leaf representing a unique identity. The root of the Merkle tree is used to create and validate ZK proofs, enabling a privacy preserving identity primitive that can be used across a wide variety of applications.

One example of this is how Worldcoin’s WLD grants are claimed on Optimism via World App, the first World ID-compatible mobile application created and operated by Tools for Humanity (TFH). When a user first downloads World App, a new Safe wallet is created and deployed on Optimism. They can then claim eligible grants simply by creating a ZKP that is validated when calling the `claim()` function on the `RecurringGrantDrop` contract on Optimism. 

State bridges are used to bridge the latest Merkle root to Optimism so that `OpWorldID` can properly validate the proofs. 

Previous state bridge architecture

Previously, the state bridge was tightly coupled with the `WorldIdIdentityManager`. Every time the `signup-sequencer` inserted a batch of new identities, the `WorldIdIdentityManager` would call the `StateBridge` contract, propagating the root to all supported chains. This approach had a few limitations. 

Firstly, the `sendRootMultichain` function used to propagate roots was only callable by the `WorldIdIdentityManager`, which required permissioned access. Additionally, bridging to all supported chains whenever new identities were inserted was gas inefficient. The updated state bridge design addresses each of these barriers and more!

Figure

Updated state bridge architecture

The updated state bridge architecture features a modular, permissionless and gas efficient design. 

Merkle root propagation has been decoupled from identity insertion allowing for new identities to be inserted more efficiently. As a result of separating these operations, state bridge propagation is now permissionless, allowing anyone to propagate roots at any frequency. 

Individual state bridges are now also separated, allowing root propagation to happen more frequently on a given chain if needed. Lastly, this approach allows anyone to deploy their own state bridge for a chain that is not already supported by Worldcoin to enable proof of personhood on any EVM compatible chain. 

Figure

Building your own bridge

As mentioned, the new state bridge architecture allows World ID to be bridged to any EVM compatible chain using a method to send messages from L1 to L2. Some examples of this are Optimism’s `CrossDomainMessenger`, Scroll’s `ScrollMessenger` and Arbitrum’s `Inbox`. Another approach to send messages from L1 to L2 is by leveraging storage proofs, which protocols like Axiom and Herodotus are currently working on. Note that if you are not using storage proofs, you will need to support cross domain ownership, allowing only the state bridge contract on L1 to update the contract on L2.

The target chain must be EVM compatible and have support for Pairing (ECC) and keccak256 EVM precompiles (although it is possible to build this from scratch if not available).

Let's take a quick look at how the Optimism state bridge works. When the propagateRoot() function on the Optimism state bridge is invoked, the bridge contract gets the latest root from the `WorldIdIdentityManager` through the latestRoot() function.  Then the state bridge contract uses the `OptimismCrossDomainMessenger` to send the root to the World ID contract on L2, targeting the receiveRoot()  function. Only the L1 state bridge contract can call `receiveRoot()` ensuring that only valid roots are propagated, which is enforced by a cross domain ownership modifier on L1.

Another key function to note is setRootHistoryExpiry(), which defines the lifespan of a propagated root for World ID proofs. The L2 World ID contract should match the World ID Identity manager's tree depth, which currently sits at a depth of 30 (leaving room for 1 billion users).

For reference, view the source code for the Optimism and Polygon state bridge implementations on Github: worldcoin/world-id-state-bridge.

Once you have deployed the state bridge contracts on L1 and L2, you will need a program that periodically calls the `propagateRoot()` function to send the latest root to the receiver contract on the target chain. Finally you’ll need to be able to fetch inclusion proofs to create Semaphore proofs that will be validated within the L2 contract. Currently our sequencer can provide inclusion proofs which will be usable on Optimism, but for other L2s you might need to rebuild the Merkle tree containing the identity commitments by extracting the calldata from transactions that target the `registerIdentities()` function on the `WorldIdIdentityManager`. This is because our API may return a proof for a root that has not yet been bridged to your L2.

Worldcoin contributors are currently developing a suite of tools including a `state-bridge-service` and `tree-availability-service` to support bridging roots and building inclusion proofs for any EVM compatible chain “out of the box”. These tools are expected to be open sourced sometime in the next few weeks.

Security assessments

A top priority for the contributor team at TFH is the safety and quality of protocol-related upgrades. 

At the direction of the Worldcoin Foundation, TFH continues to work with audit vendors to ensure the soundness of protocol releases. Prior to launch, TFH engaged Least Authority and Nethermind to audit the off-chain and on-chain components of the protocol specifically related to its use of blockchain technologies, cryptography and smart contracts. TFH also engaged Nethermind to audit the smart contract changes for the new state bridge architecture. 

Full details can be found in their report linked here

Learn more

If you’d like to learn more about relevant Worldcoin updates and other important information concerning the project, you can find a detailed breakdown of the project in the Worldcoin protocol whitepaper

You can also sign up for the blog newsletter at the bottom of this page or join the ongoing daily conversations on Twitter/X, Telegram, Discord, YouTube and LinkedIn

Disclaimer

The above content speaks only as of the date indicated. Further, it is subject to risks, uncertainties and assumptions, and so may be incorrect and may change without notice. A full disclaimer can be found in our Terms of Use and Important User Information can be found on our Risks page.

The information in this article is over 12 months old and may be outdated. Please visit world.org/blog for the most recent information about the project.