| ▲ | Aurornis 4 hours ago |
| Thanks for posting this. The inherent problem with all zero knowledge identity solutions is that they also prevent any of the safeguards that governments want for ID checking. A true zero knowledge ID check with blind signatures wouldn't work because it would only take a single leaked ID for everyone to authenticate their accounts with the same leaked ID. So the providers start putting in restrictions and logging and other features that defeat the zero knowledge part that everyone thought they were getting. |
|
| ▲ | hiciu 3 hours ago | parent | next [-] |
| > A true zero knowledge ID check with blind signatures That is not true and "true zero knowledge ID check" + "age verification" with blind signatures is what's being implemented by the EU ID project. So someone's id leaks. It happens. In EUDI there are things called "cryptographic accumulators of non-revocation proofs". If your ID leaks it goes into the accumulator. Similar to the certificate revocation lists. During check, you include claims "im over 18" and "my id is not in the accumulator". This is included in the standard. This is also (I can only assume) one of the reasons why EUDI wallets require play integrity / attestation / secure element on the device. So your private key won't be easily leaked and no one can steal your ID. |
| |
| ▲ | Aurornis an hour ago | parent [-] | | You're assuming the leak was accidental, the person knows about it, and they didn't intend for others to use it. What happens when someone sets up a marketplace where people can sell those blind signatures using their ID for $2 each? And then kids just pay $2 to have someone else blindly use their ID to validate the account, because supposedly the system is structured so that nobody can tell which ID was used or tie it back to the account? | | |
| ▲ | hiciu an hour ago | parent [-] | | That's where the google play integrity / attestation comes into the effect. In theory you cannot export your private key from the device (from the secure element), so for each $2 someone would have to quickly unlock their phone, scan code via the app and so on. |
|
|
|
| ▲ | dogcomplex 3 hours ago | parent | prev | next [-] |
| This specific problem is solved by requiring that any anonymous ZK ID once used for an account be marked on an immutable ledger preventing multiple uses of the same ID. Sharing it would be pointless as multiple attempts to use it get burned. Yet none of those sites know who you are, only that you have a unique valid ID pass. They just have to check any login attempts against that ledger - easy enough. |
| |
| ▲ | donmcronald 14 minutes ago | parent [-] | | > They just have to check any login attempts against that ledger - easy enough. So like CT logs, but several orders of magnitude bigger? I thought centralized TLS revocation lists failed due to scale. How will this differ? |
|
|
| ▲ | jajuuka 3 hours ago | parent | prev [-] |
| I mean that's kind of a problem with ANY solution. There will be workarounds and ways to break it. There is no perfect solution outside someone standing over you while on the internet. We need to look at this more like age checks on porn sites and gaming platforms where you just put in a birthdate. Obviously someone can lie, but that point isn't to be a perfect wall but a hurdle to clear to make sure users are aware of the content and that any sort of nanny software to block if set up. |
| |
| ▲ | Aurornis 3 hours ago | parent [-] | | > I mean that's kind of a problem with ANY solution. There will be workarounds and ways to break it. That's unnecessarily reductive. Yes, every solution will have problems, but not all solutions have similar problems. If a solution has problems such that it can be immediately reduced to security theater and bypassed by any teenager who cares, it's just extra hassle and privacy degradation for the rest of us. These details matter. If a weak solution is regulated into law and the government discovers kids are easily bypassing it, they will immediately pivot into requiring more restrictions on it. | | |
| ▲ | jajuuka 2 hours ago | parent [-] | | Extra hassle is manageable. Sites or programs that want you to put in a birthday are extra hassle but objectively better than something like submitting an ID. Privacy degradation is also manageable as well. It just depends on the solution. We've had decades of age gating being "are you 18+ or not" yet it is only now that talks of something more enforceable are coming up. This discussion is largely about how one can create a sense of safety and protection. For the more extreme end it's face scans and submitting ID. Even though these are bypassed by any teenager who cares they are still being pushed seriously because it instills that sense of safety and protection for children. Security theater is just a part of managing the internet and not going away unfortunately. |
|
|
