Explainer 07

Two Gates: Identity and Speech

Most platforms have one gate: who can post? They answer it with email verification, phone-number checks, or CAPTCHA. Jomhoor has two gates, because the threats are different at each layer.

The threat we are defending against is not bad words. The threat is a coordinated faction — regime-aligned or otherwise — using legitimately-onboarded identities to flood the platform with content that incites violence, denies genocides, dehumanizes minorities, or normalizes torture.

A single gate cannot stop both sybils (fake people) and capture (real people, wrong intent). We need two.

The two chokepoints

USER

Identity gate

ZK passport proof
INID proof
nullifier

OK →

Speech gate

Normative compliance
Content check

OK → PUBLISHED

↓

Rejects sybils
one person = one identity

↓

Rejects capture
no content that violates the 11 UN conventions

Gate	Stops	Does not stop
Identity (ZK + nullifier)	Bots, sybils, multi-accounts, foreign interference at scale	A real Iranian citizen posting harmful content
Speech (normative compliance)	Content that incites violence, denies genocide, dehumanizes groups	Lawful political speech we disagree with

Both gates are necessary. Neither is sufficient. If we had only the identity gate, a coordinated faction with real passports could capture the platform. If we had only the speech gate, bots could drown it before any compliance check matters.

Gate 1 — Identity (recap)

Covered in detail in explainers 04 and 05. In one sentence: each user proves, in zero-knowledge, that they hold an Iranian biometric passport or INID issued by Iran's government, and the on-chain nullifier guarantees the same document cannot register twice.

What it gives us:

One real document per registration.
Strong resistance to bot-farms, low-cost sybils, and foreign-state influence campaigns that don't have access to Iranian passport stock.
A stable, anonymous identity (pairwise subject per relying party) for voting and SSO.

What it does not give us:

It does not check who the person is, in the sense of values or intent. An IRGC member with a valid passport gets through this gate exactly as easily as a student opposition activist with a valid passport. That is the point of zero-knowledge — we don't know which is which — but it means the gate cannot defend against captured-but-legitimate identities.

This is where the second gate comes in.

Gate 2 — Normative compliance

We commit, structurally, to one constraint on what gets published through Jomhoor: content must not violate the 11 UN human-rights conventions that Iran is party to or that codify jus cogens (peremptory norms), together with the Yogyakarta Principles:

Universal Declaration of Human Rights (UDHR)
International Covenant on Civil and Political Rights (ICCPR)
International Covenant on Economic, Social and Cultural Rights (ICESCR)
Convention on the Prevention and Punishment of the Crime of Genocide
Convention against Torture (CAT)
International Convention on the Elimination of All Forms of Racial Discrimination (ICERD)
Convention on the Rights of the Child (CRC)
Convention on the Elimination of All Forms of Discrimination against Women (CEDAW)
Convention on the Rights of Persons with Disabilities (CRPD)
International Convention for the Protection of All Persons from Enforced Disappearance (CED)
Rome Statute of the International Criminal Court (war crimes, crimes against humanity, genocide)
Yogyakarta Principles and Yogyakarta Principles +10 (application of international human-rights law to sexual orientation, gender identity, gender expression, and sex characteristics — protecting sexual and gender minorities)

These are not Jomhoor's house values. They are the minimum legal-moral floor the international community has agreed on — and crucially, the floor that the current Iranian regime systematically violates. By gating speech against these conventions, we ensure that anyone trying to use Jomhoor to continue those violations is blocked at the platform layer.

How the check runs, mechanically

Model. A large language model with semantic reasoning. We use Claude 3.5 Sonnet via AWS Bedrock (post-MVP); the MVP uses a smaller open model with the same prompt.
Language. Persian-native prompts and rubric. The conventions are loaded in Persian translation; the model sees both the user's content and the relevant convention articles in the same language.
Hook point. Pre-publish, in the Agora API. The check runs after the user has signed the post (so the identity gate has already passed) and before the post is stored or fanned out. If it fails, the user sees a reason and can revise.
Not a toxicity classifier. Toxicity classifiers flag rudeness or slurs at the word level. Normative compliance is a semantic reasoning task: does this content advocate, justify, or normalize a violation of one of the 11 conventions? "Disagreement with government policy" is fine. "This ethnic group deserves what they got" is not. The distinction requires reasoning, not keyword matching.

Why this is structural defense against capture

Here is the threat model we actually face:

A faction — let's say a regime-aligned organized group, but the same analysis applies to any coordinated bad actor — decides to onboard onto Jomhoor at scale. They have real Iranian passports (they're real Iranians). They pass the identity gate honestly. Once inside, they coordinate to:

vote-brigade proposals,
flood the discussion with regime talking points,
normalize state violence in the comment thread,
intimidate dissenting voices,
post content that would be illegal under Iran's own constitutional human-rights commitments if those commitments were enforced.

The identity gate cannot stop this. The nullifier just guarantees one vote per passport — it does not check what they vote for. The platform looks democratic by procedure and captured by outcome.

The speech gate stops the publishing leg of this attack. Coordinated votes still happen (and quadratic voting + transparent vote counts help expose them), but the content layer — the part that shapes what the platform feels like and what new users see — is constrained against content that violates the human-rights floor.

A regime-aligned faction can argue against the Mahsa Jina Amini protests on Jomhoor. They cannot use Jomhoor to argue that the protesters deserved to be killed. That is the difference.

What this gate is not

We are very specific about what we are not doing, because the failure mode of any content gate is to over-claim and then either over-censor or under-deliver.

Not political moderation. We do not block content because we disagree with its politics. The rubric is the 11 conventions, not Jomhoor's editorial line.
Not journalistic curation. We do not promote, rank, or recommend content. The check is pass/fail at publication time, not ranking.
Not infallible. LLMs make mistakes in both directions. False positives (legitimate speech blocked) and false negatives (harmful speech allowed) will happen. We commit to:
- Transparent appeals: every block ships with the cited convention article and a one-click appeal path.
- Published statistics: monthly counts of blocks and appeals by convention, anonymized.
- Adversarial review: an external civic-tech / human-rights board samples decisions quarterly.
Not surveillance. The model sees the content and the user's pairwise subject (per relying party). It does not see the wallet address, the passport data, or any cross-platform identity. The inference runs ephemerally; we do not store the LLM's reasoning trace attached to user identity beyond the decision itself.

Known limits we have to own

Honesty register. These are real and we don't pretend otherwise.

Language coverage. The model performs best in Persian and English. Kurdish, Azeri Turkish, Arabic dialects spoken in Iran are weaker. We are tracking this and routing low-confidence cases to human review.
Model drift. LLM behavior changes when the underlying model is updated. We pin model versions and re-run a fixed evaluation suite on every change. Numbers will be published.
Coordinated paraphrase attacks. A skilled adversary can try to evade semantic checks with euphemism. This is an arms race; we don't claim to have won it. The mitigation is the conjunction of the two gates — paraphrase-evading content from a sybil army is much easier to detect statistically than paraphrase-evading content from a few real users, because the volume gives it away.
False positives have a cost. When we wrongly block a legitimate user, we erode trust. The appeal path matters as much as the block does.
We are the operators, but not the arbiters. The technical layer — the ZK identity gate, the LLM speech check, the on-chain voting — is built and run by us. The rubric that governs what passes the speech gate, the legal interpretation of the 11 conventions, the inclusion criteria that decide which constituencies the identity gate must serve, and the independent oversight that audits both — none of these sit with us alone. See the next section.

Who actually governs the gates

A platform where the technology team also writes the rubric, interprets the law, decides who counts, and grades its own homework is a captured platform by construction. To avoid that, the two gates are governed by a layered consortium of differentiated roles, not by Jomhoor alone:

Role	Function	What this role prevents
Technology operator (us)	Builds and runs the wallet, the ZK circuits, the SSO service, the speech-check pipeline, the relayers and contracts.	— (this is the layer the other roles constrain.)
Institutional steward	A civically credible, non-partisan academic/civic anchor that holds the "common democratic field", curates convention-interpretation, and convenes deliberation.	The technology operator inventing the rubric in isolation; partisan capture of the speech gate.
Legal council	An independent legal body that audits the rubric against international and Iranian constitutional human-rights law and reviews edge-case decisions.	The technology operator misinterpreting the conventions, or applying them inconsistently across cases.
Inclusive-onboarding network	A decentralized coalition that brings marginalized constituencies — minority-language speakers, ethnic and religious minorities, women's-rights groups, regional diaspora — into the platform.	The identity gate quietly excluding Kurdish, Azeri Turkish, Arabic-Iranian, Baluchi speakers (mitigates limit #1, language coverage).
Independent advisory board	International and Iranian human-rights professionals who sample decisions quarterly, publish findings, and can require rubric revisions.	The other four roles colluding without external check; rubric drift over time.

The key property is differentiation, not delegation. Each role is responsible for a specific function and accountable for it publicly. The technology operator cannot quietly rewrite the rubric. The steward cannot quietly ship a new circuit. The legal council cannot quietly add a country to the trust root. No single failure point can capture the platform.

This is the same structural principle as the two-gate design itself: separate the chokepoints, give each a different defender, require all of them to agree. Within the speech gate, that means the rubric, the law, the inclusion, and the oversight all live in different hands.

We commit to publishing:

the composition of each role (which organizations hold each function),
the decision protocol between them (what requires unanimous review, what is operational discretion),
every change to the rubric, with attribution to the role that proposed it.

Until the full consortium is in place, the technology operator publishes rubric changes unilaterally with a 14-day review window during which any party can object publicly.

The press-kit-safe summary

If you are quoting Jomhoor to a journalist, an NGO, a UN agency, or a funder, this is what is true:

Two gates, not one. Identity (zero-knowledge passport proofs) and speech (normative compliance against 11 UN human-rights conventions).
The threat model is platform capture by legitimate-but-coordinated factions, not bots and not bad words.
The speech gate is not political moderation. It is a floor, not a ceiling. The floor is the international human-rights consensus.
Both gates are auditable. Identity proofs are on-chain. Speech decisions ship with cited articles and appeal paths; statistics are published.
Both gates have limits we name openly. The identity gate cannot detect captured-but-legitimate identities. The speech gate makes classification errors and runs in stronger Persian than in minority languages. The combination is stronger than either alone.
Neither gate is governed by Jomhoor alone. The technology operator builds and runs the system; an institutional steward curates the rubric; a legal council audits it against human-rights law; an inclusive-onboarding network ensures marginalized constituencies are not silently excluded; an independent advisory board reviews decisions and can require revisions. The differentiation of these roles is the point.

Glossary

Term	Meaning
Identity gate	The ZK passport / INID proof + on-chain nullifier. Enforces "one person, one identity."
Speech gate	The pre-publish normative compliance check against 11 UN conventions.
Capture	A coordinated group using legitimate identities to dominate a platform.
Sybil	A single actor pretending to be many distinct identities.
Normative compliance	Semantic check against codified human-rights norms — not toxicity, not politics.
Pairwise subject	The per-relying-party anonymous identifier used in SSO. The LLM sees this, not your wallet or passport.
Jus cogens	Peremptory norms of international law (e.g., prohibitions on genocide, torture) — non-derogable.

Next: Sign in with Jomhoor →