Comment by Aurornis

> In the non-zero-knowledge case, it's possible to revoke falsely shared credentials.

In a true zero-knowledge system sharing falsely shared credentials becomes easy because it’s untraceable. If the proof has no knowledge attached, you can’t conclude who used their credentials on a website that generates proof-of-age tokens on demand for visitors.