| ▲ | magicalhippo 3 days ago | |
EU is working on something like this[1] (got limited discussion here[2]). I haven't looked into it very much, but at a glance it doesn't sound terrible. Here's the basic flow[3]: - The User initiates an age verification process by enrolling with an Attestation Provider (AP), which collects the necessary evidence from authentic sources or trusted 3rd party private data sources. - The AP generates a Proof of Age attestation and issues it to the Age Verification App Instance (AVI) of the User. - The AVI presents the attestation to a Relying Party (RP) when attempting to access age-restricted services. - The RP checks the validity of the attestation, referencing the trusted list to confirm the AP's authorisation. So it uses an app on a mobile device as a proxy of sorts. They're also working on incorporating zero-knowledge proofs[4]. [1]: https://digital-strategy.ec.europa.eu/en/news/commission-mak... [2]: https://news.ycombinator.com/item?id=44561797 [3]: https://ageverification.dev/Technical%20Specification/archit... [4]: https://ageverification.dev/Technical%20Specification/archit... | ||
| ▲ | zigzag312 3 days ago | parent [-] | |
Yeah, something like that. I wonder, if their zero-knowledge proof version prevents leaking of identity, if any service is sharing data with the other. | ||