logoalt Hacker News

mindslighttoday at 12:38 PM1 replyview on HN

There is an important question you haven't asked: As presented, is this system secure for the implied use cases?

And the answer to that is a resounding no. As long as you can run software of your choosing, then it is trivial to proxy a zero knowledge proof such that a third party can provide proof of the given property for you to use. If the system is really zero-knowledge, then that third party will suffer no repercussions for defeating the purpose of the system. And we can easily imagine people willing to provide this service (for ideological reasons and/or simply payment).

To be secure, all of these schemes rely on an unstated assumption of remote attestation that will prevent users from running their own software. Locking down computing is Google's basic agenda, but saying this would make the systems less appealing to people, so they obviously downplay it.


Replies

rcxdudetoday at 3:01 PM

This is a big one, yeah. It looks like the current proposed system in the EU requires attestation that the relevant keys are stored in a certified HSM that will e.g. rate-limit the generation of keys.

(I found a list of requirements for them here: https://eudi.dev/2.4.0/annexes/annex-2/annex-2-high-level-re... )