> Because it's not about age verification, it's about setting up infrastructure to enable incremental enchroachment on privacy.

Yes. You are emphasizing a reason it would be a good idea.

Sideline the ulterior/hidden motive. Or at a minimum, force it into the open, where it has less of a chance. (Ulterior motives are kept quiet for a reason.)

> Fun fact: many ZK identity solutions run centralized provers and can be subpoenaed. Need to use something that generates proofs client-side.

Subpoenas are one of the many privacy problems solved by this.

If there is no log of your real identity tied to visiting a site, there is nothing to hack or subpoena.

A verifier can report you got keys validated. But they don't know what sites they were for.

Sites can ensure users are vetted for age. Without knowing who they are.

This is such a classic cryptography scenario, I don't know how it isn't being pushed to the center of this debate. Anything that reduces the practical tension between divisive goal posts is going to have practical benefit, and make worst case legislation much less likely.