XO Whitepaper
Architecture

XOUL - Proof of Personhood SBT

XOUL is XO's Soul-Bond Token (SBT): a non-transferable on-chain attestation that a user is a verified, unique human. It is the foundation of trust on XO and the basis of the XO Protocol Trust API.

What is XOUL?

When a user registers on XO, an account-abstraction (AA) wallet is provisioned and bound to their account. As the user completes verification steps, those proofs are recorded as attestations on the user's XOUL. The SBT itself is non-transferable — it follows the user, not the wallet.

Verification Methods

Each attestation contributes to a composite trust_score (0–1). Current attestation types include:

AttestationWhat it proves
Photo LivenessFace liveness check confirms a real human is in front of the camera (not a photo, screen, or deepfake)
Social AccountLinked Twitter / Google account proves an external identity
Phone VerificationSMS-verified phone number
App EngagementAccrued, in-app behavior consistent with a real user (not a bot)

The composite trust_score and individual attestation list are queryable via the XO Protocol API.

Querying via XO Protocol

Any partner with an API key can verify a user's personhood via a single REST call:

GET /protocol/v1/identity/verify
Authorization: Bearer <user_jwt>
X-API-Key: <partner_api_key>

Response shape:

{
  "verified": true,
  "trust_score": 0.92,
  "has_minted_sbt": true,
  "attestations": [
    { "type": "photo_verification", "provider": "xo", "verified": true, "verified_at": "..." },
    { "type": "twitter", "provider": "oauth", "verified": true, "verified_at": "..." }
  ],
  "member_since": "..."
}

No personal data is ever exposed — only scores, tiers, and verification status. User identifiers are replaced with ephemeral tmp_id tokens (24h TTL).

→ Full API docs: protocol.xoxo.space/protocol/docs

Why It Matters

  • For users: portable proof of personhood that works across any app integrating the XO Protocol
  • For partner apps: drop-in human verification without storing PII
  • For AI agents: a credibly neutral identity layer — XO Protocol acts as a "social passport" for agents to verify the humans they interact with

Combined with the Aura reputation system, XOUL provides the identity half of XO's trust stack; Aura provides the behavior half.

FAQ

What is XOUL?
XOUL is XO's Soul-Bond Token (SBT) — a non-transferable, on-chain attestation that a user is a verified, unique human. It serves as a portable proof of personhood that works across any app or AI agent integrating the XO Protocol.
What is a Proof of Personhood SBT?
A Proof of Personhood SBT is a non-transferable on-chain credential proving that the holder is a real, unique human (not a bot, not a duplicate account, not a deepfake). Unlike NFTs, SBTs are bound to a user account and cannot be sold or traded — they represent identity, not ownership.
How does XO verify users are real humans?
XOUL aggregates multiple attestation types into a composite trust_score (0–1): photo liveness checks (real face on camera, not a screen or deepfake), linked social accounts (Twitter, Google), phone verification (SMS), and in-app engagement signals consistent with real-user behavior. Each attestation is independently queryable.
Can third-party apps verify XO users?
Yes. Any partner app with an XO Protocol API key can verify a user's personhood via the /protocol/v1/identity/verify endpoint. The response includes the verified status, trust_score, and a list of attestations — but no personal data. User identifiers are replaced with ephemeral tmp_id tokens (24-hour TTL).
How is XOUL different from Worldcoin or other Proof of Personhood systems?
XOUL is built into the XO consumer app — verification happens organically through real social activity, not a one-time iris scan. It is also composable: each attestation type (liveness, social, phone, engagement) is independently scored, so apps can require specific levels of proof per use case rather than a single binary verified flag.
Does XOUL expose any of my personal data?
No. The XO Protocol returns only verification status, trust_score, and attestation types. Personal data (name, age, gender, photos, contact info) is never exposed. User identifiers are ephemeral tmp_id tokens that rotate every 24 hours and are scoped per partner API key.

On this page