How does BridgitID prevent people from verifying multiple BrightIDs through connection party?

Hi! I’m new here. I am interested in integrating BrightID into application that requires unique participants because we need to know someone is not a bot or fake. I just did a connection party. I am wondering how BrightID stops someone from do a second connection party with a different call leader and with a different BridgitID app on a different phone?

1 Like

Anyone have thoughts on this?

Short answer – “Meets” verification obtained in connection parties is a low level of verification. Much higher levels can be used, but require more effort by users.
Each application can decide what level of BrightID verification they want to use.

Longer answer - The connection parties are an effort to help bootstrap the early BrightID graph before it has a lot of users. This is not how BrightID is really supposed to work and not how it will work in the long run.
At connection parties users are making very weak “Just Met” connections to each other. The long-term strong BrightID graph will be built around users making “Already Known” type connections to people they really know.
We are already doing some of this, but there needs to be some way for new users who do not know other current users to start getting involved.
Pivoting to stronger verification types like BITU and Aura is already underway.
Attending these parties helps new users achieve a very low level of verification we call “Meets”.
As you point out, a devious user could certainly try to attend multiple parties with different hosts to obtain multiple Meets verified accounts. We know for a fact some people have done this.
Our hosts are better at detecting this behavior than you might guess, but it does still happen.
We have seen no evidence suggesting that actual bots (accounts not controlled by a human) have been able to obtain the Meets verification. So it can be thought of like a very strong CAPTHCA.

The Bitu verification is up and running today. What is Bitu Verification?. BrightID tackles the problem of Sybil… | by mohammad reza yazdani | BrightID | Medium
It is much more accurate and harder to attack, but also harder for new users to onboard.

At this point the BrightID graph has 65,000 users
~46,000 have “meets” verification and anyone anywhere in the world can obtain it by attending a :15 zoom call.
~12,000 users have Bitu level 1.
Just 800 users have level 10+ at this early stage.
All of these numbers will grow, but it takes time and effort.
An application could pack any level of Bitu it wanted as a hurtle. Manna is the first application using Bitu and is trying with level 4+.
We expect to see lots of experimentation here.

The Aura game will be launching soon and hopes to provide a more scalable and decentralized way to grow a high quality graph policed by the small percentage of users who want to be part of the effort vs. the majority of folks that simply want to get BrightID verified. Aura (a new verification for BrightID)

And beyond any of this, anyone in the world is welcome to build there own analysis of the BrightID graph.
There is not one answer. Here is some of the research that has been done.

We look forward to continued improvements and innovations over time.


Thanks so much. I really appreciate that you took the time to answer. I will look into Bitu and Aura.