According to the EU Identity Wallet's documentation, the EU's planned system requires highly invasive age verification to obtain 30 single use, easily trackable tokens that expire after 3 months. It also bans jailbreaking/rooting your device, and requires GooglePlay Services/IOS equivalent be installed to "prevent tampering". You have to blindly trust that the tokens will not be tracked, which is a total no-go for privacy.

These massive privacy issues have all been raised on their Github, and the team behind the wallet have been ignoring them.

> It derives an age attribute such as "over 18" from a passport or ID, without disclosing any other information such as the date of birth.

How? If it’s analyzes my ID 100% client side I can fake any info I want. If my ID goes to a server, it’s compromised IMO.

I think the zero proof systems being touted are like ephemeral messaging in Snapchat. That is, we’re being sold something that’s impossible and it only “works” because most people don’t understand enough to know it’s an embellishment of capabilities. The bad actors will abuse it.

Zero proof only works with some kind of attestation, maybe from the government, and there needs to be some amount of tracking or statistics or rate limiting to make sure everyone in a city isn’t sharing the same ID.

Some tracking turns into tracking everything, probably with an opaque system, and the justification that the “bad guys” can’t know how it works. We’ve seen it over and over with big tech. Accounts get banned or something breaks and you can’t get any info because you might be a bad guy.

Does your system work without sending my ID to a server and without relying on another party for attestation?

In your system, can companies verify age offline, or do they need to send a token to the Government's authority to verify it (letting the Government identify and track users)?

Switzerland is working on a system that does the former, but if Government really wants to identify users, they can still ask the company to provide the age verification tokens they collected, since the Government hosts a centralized database that associates people with their issued tokens.

this is slightly better but not the hero we want or need. zeero knowledge proofs are improvement over uploading raw documents, trust is still an issue here. why should users have to authenticate with a government-backed identity wallet to access platforms to play games or access a website in the first place. we didnt have any of these guards in the 90s and early 2000s and everybody turned out just fine . in fact the average gen z is in a lot worse place than we used to be despite that we had complete raw algorithm supervision free access to the internet with far more disturbing content (remember ogrish and KaZaA)

The average person does not understand the math behind zero-knowledge proofs. They only see that state infrastructure is gatekeeping their web access. Furthermore, if the wallet relies on a centralized server for live revocation checks, the identity provider might still be able to log those authentication requests, effectively breaking anonymity at the state level.

On a practical level, this method verifies the presence of an authorized device rather than the actual human looking at the screen. Unless the wallet demands a live biometric scan for every single age check, they will simply bypass the system using a shared family computer or a parent's unlocked phone. We used to find our way around any sort of nanny software (remember net nanny)

what you are describing still remains a bubble and I really hope Americans aren't looking at EU for any sort of public policy directions here.

Correct. A ZK Proof backed identity system is a significant bump up in both privacy and security to even what we have right now.

Everyone does realize we're being constantly tracked by telemetry, right?

A proper ZK economy would mitigate the vast majority of that tracking (by taking away any excuse for those in power to do so under the guise of "security") and create a market for truly-secure hardware devices, while still keeping the whole world at maximal security and about as close to theoretical optimum privacy as you're going to get. We could literally blanket the streets with cameras (as if they aren't already) and still have guarantees we're not being tracked or stored on any unless we violate explicit rules we pre-agree to and are enforceable by our lawyers. ZK makes explicit data custody rules the norm, rather than it all just flowing up to whatever behemoth silently owns us all.

This is true, but I think it's more that those jurisdictions don't actually care about something solving this securely so much as they want face scans for other purposes?

That's really awesome. I hope that soon we will also have humanity verification without sacrificing our anonymity.

With LLMs and paid actors wreaking havoc on social media I do think that social media needs pivot towards allowing only human users on it. I wrote about this here: https://blog.picheta.me/post/the-future-of-social-media-is-h...

I have a few questions.

In that system does the age verification result come with some sort of ID linked to my government issued ID card? Say, if I delete my account on a platform after verifying and then create a new one, will the platform get the same ID in the second verification, allowing it to connect the two and track me? Or is this ID global, potentially allowing to track me through all platforms I verified my age on?

What a verification process looks like from the user perspective? Do I have to, as it happens now, pull out my phone, use it as a card reader (because I don't have a dedicated NFC device on my computer), enter the pin, and then I'll be verified on my computer so I can start browsing social media feed? Or, perhaps, you guys have come up with a simpler mechanism?

Not only EU -- Digital ID on iPhone does this today, and is accepted by many USA airports for travel, etc., with rollout for DLs.

Where can we learn more about your architecture?

Someone brought up the need for device attestation for trust purposes (to avoid token smuggling for example). That would surely defeat the purpose (and make things much much worse for freedom overall). If you have a solution that doesn't require device attestation, how does that solve the smuggling issue (are tokens time-gated, is there a limit to token generation, other things)?

Yeah, but how to convince investors that trusting the government-issued ID is good enough? /s