Recently, a facial NFT minting project initiated by Privasea has gained tremendous popularity! At first glance, it seems simple: users record their faces on the IMHUMAN (I Am Human) mobile app and mint their facial data into an NFT. This combination of facial data on-chain + NFT has led to over 200,000 NFTs minted since its launch at the end of April, indicating its significant popularity. I was curious too – why is this happening? Can facial data be stored on-chain? Will my facial information be misused? What exactly is Privasea? Let’s delve into the project and its initiator, Privasea, to uncover the details.
Firstly, let’s decode the purpose of the facial NFT minting project. You are greatly mistaken if you think this project is merely about minting facial data into NFTs. The app’s name, IMHUMAN (I Am Human), already hints at a deeper purpose: the project aims to use facial recognition to determine if the person in front of the screen is human. Why do we need human-bot recognition? According to Akamai’s Q1 2024 report (see appendix), Bots (automated programs that can simulate human actions like sending HTTP requests) astonishingly occupy 42.1% of internet traffic, with malicious traffic accounting for 27.5% of total internet traffic. Malicious bots can cause disastrous consequences like delayed responses or downtime for centralized service providers, affecting real users’ experience.

Take the example of ticket scalping: cheaters create multiple virtual accounts to increase their chances of securing tickets, and some even deploy automated programs near the service provider’s data center to achieve almost zero-latency ticket purchases. Ordinary users have little chance against such high-tech competitors. Service providers have made efforts to combat this, using methods like real-name verification and behavioral CAPTCHAs to differentiate between humans and bots on the client side, and employing WAF strategies and other techniques to filter and intercept malicious traffic on the server side. But does this solve the problem? Clearly not, as the rewards from cheating are substantial. The battle between humans and bots is ongoing, with both cheaters and verifiers constantly upgrading their tools. For example, AI’s rapid development in recent years has rendered client-side behavioral CAPTCHAs almost ineffective, as AI models can often solve them faster and more accurately than humans. This has forced verifiers to upgrade from early user behavior detection (image CAPTCHAs) to more advanced biometric detection (perception verification: client environment monitoring, device fingerprinting, etc.), and for high-risk operations, to biometric verification (fingerprints, facial recognition).
In Web3, human-bot detection is equally essential. For certain project airdrops, cheaters can create multiple fake accounts to launch Sybil attacks, necessitating real human verification. Given Web3’s financial nature, high-risk operations like account login, withdrawal, trading, and transfers require not just human verification but also account ownership verification, making facial recognition an ideal choice. The demand is clear, but how do we implement it? Decentralization is the essence of Web3, and when discussing facial recognition in Web3, the deeper question is how Web3 should adapt to AI scenarios:
In response to the challenges mentioned in the previous chapter, Privasea has proposed an innovative solution: the Privasea AI Network, built on Fully Homomorphic Encryption (FHE), to address privacy-preserving computation in AI scenarios on Web3. FHE is an encryption technique that allows computations on encrypted data to yield the same results as if the operations were performed on unencrypted data. Privasea has optimized and encapsulated traditional FHE into a layered structure, consisting of the Application Layer, Optimization Layer, Arithmetic Layer, and Raw Layer, forming the HESea library. This library is tailored to machine learning scenarios, with each layer responsible for specific functions:

Through this layered architecture, Privasea offers more customized solutions to meet the unique needs of each user. Privasea’s optimizations primarily focus on the Application Layer and Optimization Layer, delivering custom computations that can accelerate performance by over a thousand times compared to basic solutions found in other homomorphic encryption libraries.
Judging from its Privasea AI NetWork architecture:

The Privasea AI Network consists of four roles: Data Owners, Privanetix Nodes, Decryptors, and Result Receivers.
The general workflow of the Privasea AI Network is as follows:

Step 1: User Registration
Data Owners initiate the registration process on the privacy AI network by providing necessary identity verification and authorization credentials. This step ensures that only authorized users can access the system and participate in network activities.
Step 2: Task Submission
The Data Owner submits the computation task and input data, which is encrypted using the HESea library. The Data Owner also specifies authorized Decryptors and Result Receivers who can access the final results.
Step 3: Task Allocation
A blockchain-based smart contract deployed on the network assigns computation tasks to appropriate Privanetix Nodes based on availability and capability. This dynamic allocation process ensures efficient resource distribution and task assignment.
Step 4: Encrypted Computation
The designated Privanetix Nodes receive the encrypted data and perform computations using the HESea library. These computations are executed without decrypting sensitive data, thereby maintaining its confidentiality. To further ensure the integrity of the computation, Privanetix Nodes generate zero-knowledge proofs for these steps.
Step 5: Key Switching
After the computation is complete, the designated Privanetix Nodes use key-switching techniques to ensure that the final result is authorized and can only be accessed by the specified Decryptors.
Step 6: Result Verification
Upon completion of the computation, the Privanetix Nodes return the encrypted results and corresponding zero-knowledge proofs to the blockchain-based smart contract for future verification.
Step 7: Incentive Mechanism
Contributions by Privanetix Nodes are tracked, and rewards are distributed accordingly.
Step 8: Result Retrieval
Decryptors use the Privasea API to access the encrypted results. Their primary task is to verify the integrity of the computation, ensuring that the Privanetix Nodes executed the computation according to the Data Owner’s intent.
Step 9: Result Delivery
The decrypted results are shared with the Result Receivers designated by the Data Owner.
In the core workflow of the Privasea AI Network, users interact with an open API, allowing them to focus solely on the input parameters and corresponding results without understanding the complex internal computations of the network. This reduces cognitive load. At the same time, end-to-end encryption ensures that data remains secure throughout processing.
PoW & PoS Dual Mechanism
Privasea recently introduced the WorkHeart NFT and StarFuel NFT, which use a dual mechanism of Proof of Work (PoW) and Proof of Stake (PoS) for managing network nodes and distributing rewards. Purchasing a WorkHeart NFT grants the holder the qualification to become a Privanetix Node, participating in network computation and earning token rewards based on the PoW mechanism. The StarFuel NFT, limited to 5,000 units, acts as a node enhancer and can be combined with WorkHeart, similar to PoS. The more tokens staked to StarFuel, the greater the yield multiplier for the WorkHeart node.
So, why use both PoW and PoS? The answer lies in the strengths of each mechanism. PoW reduces the likelihood of node misconduct by tying it to computational cost, thereby stabilizing the network. Unlike Bitcoin’s inefficient random number verification, the actual work output (computation) of nodes in this privacy-preserving computation network is directly linked to the work mechanism, making it naturally suited for PoW. Meanwhile, PoS effectively balances economic resources. This combination allows WorkHeart NFTs to earn rewards through PoW while StarFuel NFTs enhance yield through PoS, creating a multi-layered, diversified incentive structure. This structure enables users to choose participation methods that best suit their resources and strategies, optimizing reward distribution and balancing the importance of computational and economic resources within the network.
In summary, the Privasea AI Network has built an encrypted machine learning system based on Fully Homomorphic Encryption (FHE). Thanks to the privacy-preserving features of FHE, computational tasks are distributed among various computing nodes (Privanetix) in a decentralized environment. The results are validated through Zero-Knowledge Proofs (ZKP), and the network’s operations are maintained by rewarding or penalizing nodes that provide computation results, using a dual mechanism of Proof of Work (PoW) and Proof of Stake (PoS). The design of the Privasea AI Network paves the way for privacy-preserving AI applications across various fields.
As seen in the previous chapter, the security of the Privasea AI Network relies on its underlying FHE. With ongoing technological advancements by industry leaders like ZAMA, FHE has even been dubbed the new cryptographic “Holy Grail” by investors. Let’s compare it with ZKP and related solutions.

Upon comparison, it becomes clear that ZKP and FHE have distinct applications: FHE focuses on privacy-preserving computation, while ZKP emphasizes privacy verification. Secure Multi-Party Computation (SMC) appears to have a greater overlap with FHE, as SMC addresses the issue of data privacy among computing entities engaged in joint computations.
FHE separates data processing rights from data ownership, thus preventing data leakage without compromising computation. However, this comes at the cost of computational speed. Encryption, like a double-edged sword, enhances security while significantly reducing processing speed. In recent years, various performance enhancement strategies for FHE have been proposed, ranging from algorithmic optimizations to hardware acceleration.
Additionally, the application of hybrid encryption schemes is under exploration. By combining Partially Homomorphic Encryption (PHE) and Searchable Encryption (SE), efficiency can be improved in specific scenarios. Despite these advancements, FHE still lags behind plaintext computation in terms of performance.
Through its unique architecture and relatively efficient privacy-preserving computation technology, Privasea not only provides users with a highly secure data processing environment but also opens a new chapter in the deep integration of Web3 and AI. Although the underlying FHE technology has inherent drawbacks in processing speed, Privasea has recently partnered with ZAMA to tackle the challenges of privacy-preserving computation. As technology continues to advance, Privasea is poised to unlock its potential in more fields, becoming a pioneer in privacy-preserving computation and AI applications.





