EU chief calls for a bloc-wide push on an age verification app to protect children online. If enforced, users will have to prove their age to access legally restricted sites.
The architecture for Zero Knowledge Proofs is not novel and well understood.
You prove your identity to the issuer of tokens. They issue you a set of signed tokens that only they could have signed. You issue one of these tokens and a nullifier to a location that needs to verify your age. The verifying location checks the signature and lets you in. They return the nullifier to the token issuer.
The issuer can OF COURSE verify that you’ve used your tokens if they store the tokens they issue. You do have to trust your government for this system to work. But you already trust your government not to mass-surveil you through your ISP, mobile phone provider and credit card spend. This doesn’t increase your defend surface.
Which goal posts have I moved?
The architecture for Zero Knowledge Proofs is not novel and well understood.
You prove your identity to the issuer of tokens. They issue you a set of signed tokens that only they could have signed. You issue one of these tokens and a nullifier to a location that needs to verify your age. The verifying location checks the signature and lets you in. They return the nullifier to the token issuer.
The issuer can OF COURSE verify that you’ve used your tokens if they store the tokens they issue. You do have to trust your government for this system to work. But you already trust your government not to mass-surveil you through your ISP, mobile phone provider and credit card spend. This doesn’t increase your defend surface.