| ▲ | semi-extrinsic 7 hours ago | |
> We could potentially do ID checks that only show exactly what the receiver needs to know and nothing else. A stronger statement: we know how to build zero-knowledge proofs over government-issued identification, cf. https://zkpassport.id/ The services that use these proofs then need to implement that only one device can be logged in with a given identity at a time, plus some basic rate limiting on logins, and the problem is solved. | ||
| ▲ | worldsayshi 2 hours ago | parent | next [-] | |
Yes this is what I'm thinking about! The challenge here though is to prove to the user, especially without forcing the user to go into technical details, that it is indeed private and isn't giving away details. The user needs to be able to sandbox an app like that and have full control of its communications. | ||
| ▲ | 9dev 7 hours ago | parent | prev [-] | |
Thank you - this gets way too few attention especially among tech folks. People act like uploading your government ID to random online services was the only solution to this problem, which is really just a red herring. | ||