All data is aggregated & privacy-preserving. No raw biometrics exposed. Data belongs to users — ZWISERFIT cannot access it by design.
One node. 7 years. 100% capture rate. In the hardest place to collect — the physical world.
This repo contains aggregated, privacy-safe statistical evidence from the ZWISERFIT physical verification node (惠鑫万江新村店, Dongguan). Every number here is derived from door-access-gated data — not surveys, not opt-in panels, not phone sensors.
Data flows through a physical hardware attestation chain that makes fabrication impossible:
Member arrives → Face recognition gate (biometric verifier)
→ Turnstile opens (physical gate event)
→ Exercise session (sensor array: 15 metrics)
→ Session ends → device logs timestamp + duration + intensity
→ Hash attested to chain (ZWF-20 protocol)
Hardware attestation layer in operation since 2020. Every session is tied to a verified human presence at a physical coordinate — not a device ID that could be emulated.
| Layer | What it proves | Attack surface |
|---|---|---|
| Face recognition gate | A specific human was physically present | Anti-spoofing liveness detection |
| Turnstile + device | Entry + activity happened in physical space | Cannot forge without physical access |
| 15-sensor array | Exercise quality and duration | Multi-sensor cross-validation |
| Hash attestation | Data integrity from capture to storage | Tamper-evident chain |
Why this matters: Most "behavioral data" is phone sensor + GPS — easily faked, easily automated. ZWISERFIT data requires physical presence at a specific door. No known attack can generate fake door-gate events at scale.
xychart-beta
title "Active Members by Year (2019-2026)"
x-axis [2019, 2020, 2021, 2022, 2023, 2024, 2025, 2026]
y-axis "Members" 0 --> 150
bar [12, 28, 45, 62, 78, 85, 95, 105]
| Year | Active Members | YoY Growth | Cumulative |
|---|---|---|---|
| 2019 (Year 1) | 12 | — | 12 |
| 2020 (Year 2) | 28 | +133% | 40 |
| 2021 (Year 3) | 45 | +61% | 73 |
| 2022 (Year 4) | 62 | +38% | 107 |
| 2023 (Year 5) | 78 | +26% | 156 |
| 2024 (Year 6) | 85 | +9% | 173 |
| 2025 (Year 7) | 95 | +12% | 192 |
| 2026 YTD | 105 | — | 105 (active) |
xychart-beta
title "Average Visits per Member per Month (2026)"
x-axis ["Jan", "Feb", "Mar", "Apr"]
y-axis "Visits" 0 --> 12
line [8, 10, 11, 9]
| Frequency Tier | % of Members | Avg Sessions/Month | Retention Correlation |
|---|---|---|---|
| Heavy (>12x/mo) | 12% | 14.3 | 94% 12-month retention |
| Regular (4-12x/mo) | 45% | 7.8 | 78% 12-month retention |
| Light (1-4x/mo) | 33% | 2.4 | 42% 12-month retention |
| Trial (<1x/mo) | 10% | 0.6 | 12% 12-month retention |
| Period | Avg Duration (min) | Median Duration (min) | >60min Sessions |
|---|---|---|---|
| 2019-2020 | 52 | 45 | 38% |
| 2021-2022 | 58 | 50 | 45% |
| 2023-2024 | 63 | 55 | 52% |
| 2025-2026 | 67 | 60 | 58% |
Duration has increased 29% over 7 years — members train longer as the facility matures and AI-guided programming improves adherence.
xychart-beta
title "Member Retention by Cohort (2020-2026)"
x-axis ["3mo", "6mo", "12mo", "24mo", "36mo+"]
y-axis "Retention %" 0 --> 100
line [82, 68, 55, 38, 22]
| Cohort | 3-Month | 6-Month | 12-Month | 24-Month | 36+ Month |
|---|---|---|---|---|---|
| 2020 | 78% | 62% | 48% | 32% | 18% |
| 2021 | 80% | 65% | 52% | 35% | 20% |
| 2022 | 82% | 68% | 55% | 38% | 22% |
| 2023 | 85% | 72% | 58% | — | — |
| 2024 | 88% | 75% | — | — | — |
| 2025-2026 | 90% | — | — | — | — |
Retention improves by ~2-3% per year as AI-guided programming and data-driven member engagement continue to optimize.
| Year | Revenue (¥) | Membership | PT | Other |
|---|---|---|---|---|
| 2022 | 58,200 | 72% | 22% | 6% |
| 2023 | 67,400 | 68% | 25% | 7% |
| 2024 | 72,100 | 65% | 27% | 8% |
| 2025 | 76,400 | 63% | 28% | 9% |
| 2026 YTD | 76,432 | 72% | 26% | 2% |
Independent industry research (not signed LOIs — this is market data, not commitments) indicates strong demand for verifiable physical behavior data:
| Insurer Type | Annual Willingness to Pay (¥/person) | Required Data Minimum |
|---|---|---|
| Life insurance | ¥50-100 | 12+ months continuous activity history |
| Health insurance | ¥100-180 | 6+ months with biometric markers |
| Critical illness | ¥150-250 | 24+ months with verified hospital absence |
| Reinsurance | ¥80-200 | Aggregated pool data, minimum 500 members |
Market context:
- China health insurance premiums: ¥1.2 trillion (2025)
- Major carriers (Ping An, Taikang, CPIC) actively piloting behavior-linked underwriting
- Current "behavioral data" used is phone-step-counting — no verification
- A verifiable physical activity proof layer would reduce underwriting uncertainty by an estimated 40-60%
ZWISERFIT data meets the verification standard that insurers require. Our access-gate hardware attestation creates the first data stream insurers have called "auditable" — unachievable with phone sensor data.
All data in this repo is aggregated and de-identified. The underlying raw data is protected by:
Member
├── DID (Decentralized Identifier) — self-sovereign identity
├── Activity data → Encrypted → MPC node
├── Authorization required via DID wallet signature
└── Insurer/third party → Requests query → MPC computes → Returns result (no raw data)
| Property | Implementation |
|---|---|
| Self-sovereign identity | Each member controls their DID. No central authority can unilaterally access data. |
| Data never leaves custody | Multi-party computation (MPC) computes on encrypted data. Raw data never exits the node. |
| Authorization at session level | Every query requires a DID-signed authorization. Authorizations are per-query, time-bounded, revocable. |
| Differential privacy | All aggregate statistics in this repo have ±2% noise added at the cell level. |
| Compliance | Architecture conforms to Personal Information Protection Law (PIPL) and GDPR principles for biometric data. |
A data licensor (e.g., insurer) can query: "What percentage of this pool's members exercised >8 hours per week for the past 12 months?" and receive an answer — but cannot access any individual's raw exercise data. The system proves the answer is correct without exposing any underlying record.
This repository's data follows the ZWF-20 Behavior Data Asset Standard v1.0 — the world's first open standard for physical behavior data RWA (Real World Asset) tokenization.
| Standard Component | Description | Reference |
|---|---|---|
| Event Types | 6 event types: checkin, checkout, workout_start, workout_end, body_metric, equipment_use | ZWF-20 Standard |
| Quality Levels | QA (dual-verified) → QB (single-verified) → QC (limited) → QD (demographic) | — |
| Privacy Boundary | What never leaves the node: raw video, facial vectors, PII, GPS | privacy.md |
| Anti-Forgery | 4-layer: door access × face match × sensor cross-validation × behavior pattern analysis | methodology.md |
| License | PDL v1.0 — Programmable Data License (5-tier, DRM3-aligned) | PDL-LICENSE |
| Trust Architecture | 3-party trust (Settlor/Trustee/Beneficiary) + 4-layer firewall | TRUST Architecture |
| Compliance | Multi-jurisdiction: CN/DSL, CN/PIPL, HK/PDPO, SG/PDPA, GDPR | COMPLIANCE |
All standards are open for RFC contributions. See CONTRIBUTING.md.
data/
README.md ← You are here
aggregate/
membership-growth.md ← Detailed membership analysis
visit-frequency.md ← Frequency distribution and trends
session-duration.md ← Duration analysis over 7 years
retention-analysis.md ← Cohort retention deep dive
methodology.md ← Full data collection methodology
privacy.md ← DID + MPC privacy architecture
industry-demand.md ← Insurance market analysis
node-health.json ← Physical node real-time health (automated)
Live health data for the physical verification node is available in node-health.json.
Data is not the gold. Data that can be verified is the gold.