An alarming security loophole in the Worldcoin orb was recently uncovered by smart contract auditing firm, CertiK. The revolutionary yet controversial Worldcoin project, which incentivizes users with crypto to submit iris scans via its novel device – Worldcoin Orb – apparently had a gap in its operator verification safeguard. This could have potentially allowed unauthorized individuals, or even non-company entities to operate the Orb without passing the proper verification checks and balances.
CertiK unmasked this issue during their security analysis, which revealed the flaw that could lead to an operator bypassing the Orb’s validation process, thus securing control without needing valid authentication or even a formal corporate standing. The vulnerability was duly reported to Worldcoin’s security team as a “standard whitehat disclosure,” and according to CertiK, it has since been resolved.
The exposure of this vulnerability could spark further controversy around Worldcoin’s project. Skeptics have previously voiced out about its data usage and privacy concerns, calling it ethically questionable and even potentially dystopian. Regulatory bodies have also cast a doubting eye over the project’s operations and execution.
Despite these controversies, Worldcoin remains hopeful in its pursuit of success. Banking heavily on mass adoption, their model has seen people queuing globally in exchange for around $50 worth of their retinal data. While adoption rates fall short of their expectations, the momentum remains steady with reportedly over 545,000 new users recorded weekly, and a record of over 193,000 daily wallet transactions. Moreover, Worldcoin’s website states that out of the 2,000 manufactured Orbs, 366 have been active within the last week.