> But once you get the response you can unblind the signed signature and obtain the token (which is just the unblinded signature).

The premise of this is to keep the person issuing the tokens and the person accepting them from correlating you.

The issue is when you have more than one service accepting them. You go to use Facebook and WhatsApp but they're both Meta so you present the same unblinded signature to both services and now your Facebook and WhatsApp accounts are correlated against your will. And they have a network that does the same thing, so you go to use a third party service and they require you to submit your unblinded signature to Meta which allows them to correlate you everywhere.

▲

coppsilgold 9 hours ago | parent [-]

> you present the same unblinded signature to both services

You would never do this as it defeats the entire purpose of using blind signatures to begin with.

	▲	AnthonyMouse 9 hours ago \| parent [-]
		That's the point. You go to example.com and get the "sign in with Google" box as the only login option, but now you can't have separate uncorrelated Google accounts. Or if browsers do it automatically then every site does a background load or redirect through adtracker.nsa so you're presenting the same token on every service. It's not the user who wants any of this to begin with. "You would never do that" except that it's now the only way to be let into the service.