Comment by somenameforme
6 hours ago
Can you give a brief explanation of how this is done with a zero-knowledge proof? That site is low information and painful to navigate, and it seems quite surprising to me that this is possible. ID verification, in the government sense, is ostensibly going to require matching an ID against a some other resource. If done locally then you can trivially spoof the result, akin to hacking a game, but if done remotely then it's not zero-knowledge.
I think a zero-knowledge system here would be quite desirable. But a centralized repository that is e.g. maintaining tabs on every single adult-authorization for every single person with verifiable details of them is, by contrast, a dystopic disaster waiting to happen because it will be hacked, leaked, and abused, sooner or later.
https://blog.google/innovation-and-ai/technology/safety-secu...
Basically you can prove that you have an identification document and that a certain property is true without revealing anything else.
A nitpick I have about contemporary descriptions of tech is that it tends to be heavily polarized. It's either 'here is how it works' in a way that is dumbed down to the point of meaningless, or 'here is the source code and white paper' in a way that is so esoteric that it again is largely meaningless if you don't intend on spending an afternoon deep diving the topic.
For some contrast this [1] is an infographic from NASA about the Apollo program in the 60s. Enough details to inform one from a technical perspective, but also organized well enough that even if you know nothing about space or space flights, you could walk away with a pretty good idea of what's going on, and it might even spark your interest enough to research some things you didn't follow.
[1] - https://assets.science.nasa.gov/content/dam/science/psd/luna...
Most countries in the EU already have widely accepted identity proof apps mostly verified by the banks or the government itself. Once verified the identity app gets a certificate which is signed by the authority which issues the identity. We all know how that works as that’s how TLS works as well. The zero proof age check is based on verifiable credentials and the related verifiable presentation. Once you have a wallet with your identity it’s not hard to issue cryptographic proofs of some properties of your credentials, and age is a property of your identity credentials basically. To learn more about the technical details, search for the specifications I mentioned above: verifiable credentials, verifiable presentations.
Ah, and the sites (or whatever else) can then verify the key is valid locally? Assuming that is the case, that'd make for a surprisingly nice system, further assuming that the produced credential is not reversible. I'm highly cynical and so I expected it to be a backdoor for surveillance as it feels like most things under the pretext of 'won't anybody think about the children' are.