ZK proofs for identity can't go mainstream quick enough. I agree with what you're saying completely. It's frustrating that we have the technology now to verify aspects of someone's identity without revealing it, but that it's going to take forever to become robust enough for mainstream use.
It's an interesting litmus test because regulators would not accept ZK age proofs unless the stated purpose of age verification laws (reduce harm to minors) is the _actual_ purpose of those laws.
Not some different unstated goal, such as ending online anonymity.
That is exactly what EU is doing with its age verification law. Basically the service provider just has to accept the certificate and check that it is valid and all the cert says is "is over X years old".
https://ageverification.dev/
And the fact that the companies have to implement the system themselves is just crazy. It is very obvious that if the government require such a check it has to provide the proof/way of checking just like in the physical world it provides the id card/passport/etc used for checking this.
> just like in the physical world it provides the id card/passport/etc used for checking this.
In Sweden it wasn't the government that provided id cards, but the post office and banks. It became the government's job sometime after Sweden joined the EU, after the introduction of the common EUID standard.
And even then online identification is handled by a private company owned by banks: https://en.wikipedia.org/wiki/BankID_(Sweden)
Yeah we have something similar here in Finland with banks doing most of the (strong) identification.
This also makes things difficult for immigrants for the first month or two in the country as a lot of services (like making a phone or internet contract) require this identification to use but it is also a bit of a hassle to get a bank account (but getting a new bank account in a different bank once you have a bank account to do the strong verification takes like 2 minutes)
There is a government system but most don't use it but I expect once the eu digital identity wallet thing rolls around a lot of ppl will switch (or be required to?) to that
https://commission.europa.eu/strategy-and-policy/priorities-...
But very importantly this government, bank id, the identification part of the eu id wallet or really any identification system should not be used for age verification as it actually identifies the user not just give a proof that the user is over X years old.
These systems likely could be extended to just provide age information. If there truly was a wish for it. The suomi.fi systems can be configured. To pass or not pass address for example. So I see no need to pass personal identity number.
Yes and the "backend" (what provides the certificate to the app) for the age verification app for Finland will most likely be suomi.fi (or some dvv.fi thing directly) systems.
But we can't realistically expect every service that needs age check to work with 27 (eu countries) different systems but instead we need to unify it into a single api contract which is what this age verification app basically does.
We have BankID in Norway, run by DNB (I think). A single service that uses my personnummer (like a social security number but actually unique) as my user name and logs me in to almost all government services, banks, insurance companies, etc.
> And the fact that the companies have to implement the system themselves is just crazy.
Isn’t this how most industry regulations work? It’s not like the government provides designs to car companies to reduce emissions or improve crash safety.
Government does issue passports for identiftying their citizens when traveling. It is the one who made/enforces the law that requires that so it is the one who has to provide the means to do that.
Or are you suggesting that anyone should be able to make their own passport?
Or a bit closer example. If there was no official id cards/passports/etc (there currently is no official way of proving your age online) and the government made a law that mandates that one has to be over X to buy alcohol. Who’s job is it to provide the means to prove that you are over X?
For the car a proper analogy would be the goverment requiring drivers license. Who provides the drivers license? Should every manufacturer provide its own?
You mean not collecting IDs is the real answer. Easy solution is the best solution and it already is mainstream.
This is an example why that was a bad idea in the first place. No damage control for bad solutions will change that.
That does not work without treacherous locked-down hardware. The marketing by Google et al is leaving out that fact to privacy-wash what is ultimately a push for digital authoritarianism.
Think about it - the claim is that those systems can prove aspects of someone's identity (eg age), without the site where the proof is used obtaining any knowledge about the individual and without the proof provider knowing where the proof is used. If all of these things are true while users are running software they can control, then it's trivial for an activist to set up a proxy that takes requests for proofs from other users and generates proofs based on the activist's identity - with no downside for the activist, since this can never be traced back to them.
The only thing that could be done is for proof providers to limit the rate of proofs per identity so that multiple activists would be required to say provide access to Discord to all the kids who want it.
If I had my 'druthers, there would be a kind of physical vending machine installed at local city hall or whatever, which leverages physical controls and (dis-)economies of scale.
The trusted machine would test your ID (or sometimes accept cash) and dispense single-use tokens to help prove stuff. For example, to prove (A) you are a Real Human, or (B) Real and Over Age X, or (C) you Donated $Y On Some Charity To Show Skin In The Game.
That ATM-esque platform would be open-source and audited to try to limit what data the government could collect, using the same TPM that would make it secure in other ways. For example, perhaps it only exposes the sum total of times each ID was used at machine, but for the previous month only.
The black-market in resold tokens would be impaired (not wholly prevented, that's impossible) by factors like:
1. The difficulty of scaling the physical portion of the work of acquiring the tokens.
2. Suspicion, if someone is using the machine dozens of times per month—who needs that many social-media signups or whatever?
3. There's no way to test if a token has already been used, except to spend it. By making reseller fraud easy, it makes the black-market harder, unless a seller also creates a durable (investigate-able) reputation. I suppose people could watch the vending-machine being used, but that adds another hard-to-scale physical requirement.
> 2. Suspicion, if someone is using the machine dozens of times per month—who needs that many social-media signups or whatever?
Anyone who visits pornhub and doesn't want to open an account?
Yeah, introducing real world friction is seemingly one of the only ways of actually solving the problems of frictionless digital systems (apart from computational disenfranchisement, of course).
It might be a better idea to frame your idea in terms of online interactive proofs rather than offline bearer tokens. It's of course a lot less private/convenient to have to bring a phone or other cell-modem enabled device to the vending machine, especially for the average person who won't exercise good digital hygiene. Still, some sort of high-latency challenge-proof protocol is likely the way to go, because bearer tokens still seem too frictionless.
For example (3) could be mitigated with an intermediary marketplace that facilitated transactions with escrow. If tokens were worth say $2, then even just getting 10 at a time to sell could be worth it for the right kind of person. And personally I'd just get 10 tokens myself simply to avoid having to go back to the machine as much. In fact the optimal strategy for regular power users might be to get as many tokens as you think you might need to use (even if you have to pay for them), and then when they near expiration time you sell them to recoup your time/cost/whatever.
My concern with some "bring your phone and use it immediately" scheme is that someone could pierce the privacy by looking at a correlation between the time an account was mode or a pattern of network-traffic occurred, versus the time someone was using/near the vending machine.
Adding large and unpredictable amounts of latency makes that kind of correlation weaker and hopefully impractical.
>Think about it - the claim is that those systems can prove aspects of someone's identity (eg age), without the site where the proof is used obtaining any knowledge about the individual and without the proof provider knowing where the proof is used.
That is not nessisarially true. There are ZK setups where you can tell when a witness is reused, such as in linkable ring signatures.
Another simple example is blind signatures, you know each unblinded signature corresponds to a unique blind signature without knowing who blinded it.
The easy solution is the best one. Just don't collect the info. Any problems resulting from that need to be handled differently.
Proven to work and we wouldn't be dependent on untrustworthy identity providers.
I agree. It is possible, but that does not mean it should be done.
The thing is with such a ZK system you are still collecting and compiling all this data, it's just done by some sort of (government?) notary and there is a layer of anonymity between the notary and the verifier (which they can cooperate to undo).
The real political problem is the concentration of personal information in one place. The ZK system just allows that place (notary) to be separate from the verifier.
Sure, but making use of that introduces new problems.
Fundamentally it limits a person to one account/nym per site. This itself removes privacy. An individual should be able to have multiple Discord nyms, right?
Then if someone gets their one-account-per-site taken/used by someone else, now administrative processes are required to undo/override that.
Then furthermore it still doesn't prevent someone from selling access to all the sites they don't care about. A higher bar than an activist simply giving it away for free, but still.
>An individual should be able to have multiple Discord nyms, right?
Yeah, I think so. I mean this is like my 20th hacker news account. I am using my 5th discord account right now.
But at the same time it would be an interesting to see how anonymous yet sybil-proof social media would work out.
I get the feeling that it's already pretty easy to buy and sell fake IDs, so I don't think it would pan out in practice. I also had the same idea as you: if such a system were to exist, you could sell proofs for all the services you don't use.
Usually, these zero-knowlege proofs are backed by some sort of financial cost, not the bureaucratic cost of acquiring an ID. All of these "linkable" ZK proofs are aimed at money systems or voting systems.
In the blind-signature based money systems, a big problem used to be dealing with change; you had to go back and spend your unblinded signature at the signatory to get a new one. In a similar fashion, maybe you could make it so that users could produce a new ZK proof by invalidating an old one? So you could retire an old nym if you get banned, and create a new nym but you could only have one at a time? IDK if that is a reasonable tradeoff.
Anonymous proofs of age don't work, because (in theory) I could set up a server, plugged into my ID chip, that lets anyone download age proofs from me, and then anyone can be over 18. They don't just need to know someone is over 18 - they also need to know it's the same person using the website.
Make it so that the proofs are not reusable.