Opening up 'Zero-Knowledge Proof' technology to promote privacy in age assurance

1 day ago (blog.google)

Still, I don't want to gate people based on age.

Parents should at least be able to overwrite the age of their child, maybe selectively allow bypasses. My experience with a computer would have been completely different if I was blocked from half of the internet. Especially when I see which kind of content gets blocked.

  • As a millennial-aged person I saw a fair amount of content I would not want the young people in my life to see, but it's probably not nearly as harmful as the non-age gated content that they will still have access to. There is a lot creepy youtube and tiktok content that isn't off limits but still unhealthy and my younger relatives are fascinated by it.

    • Not that I want my kids looking at porn or violent content, but I’m far more concerned about man-o-sphere influencers than that other stuff.

      46 replies →

    • I was going to name drop one, but then I realized, I wouldn't want others on HN to wind up looking it up. Let's just say, you eventually see snuff films and the like. Not something any child should be exposed to, heck even as an adult, I want nothing to do with such things, but there it was, a random .mp4 someone shared, what do you do? Curiosity killed the innocence.

    • If you saw a bunch of it and presumably are fine what does it matter then? Sure it might have been uncomfortable for a few days and you may not have understood right away but so what? That's almost every week as a kid. Seeing some titties is probably the least confusing.

      1 reply →

    • We need to stop this helicopter civilization bullshit.

      We're building 1984 to protect from god knows what imaginary harms.

      Stop putting plastic wrap around people's freedoms, liberty, and right to privacy.

      30 replies →

  • Websites should have an easy way to check whether the connecting device has a child lock turned on. We don’t need to identify the person using the device at all. It should be up to parents to make sure their kids use device that are locked.

    • Or even better, just let the website return a set of flags (like age_rating=18) in a header and let the user agent decide if it wants to show it, block it, ask for approval, ...

      Then the policy lives on the user agent.

    • This is clearly the right way to do things. Just make devices have a forced choice for their age setting on initial setup, and expose that to apps and websites.

      Insane that they didn't even try this simple solution first. Yeah people will get around it, but they'll get around any solution.

      1 reply →

  • I hesitate to comment on these because hundreds of comments have already said it and I don't have anything new to add.

    - The age-gate should just be a setting on the device: either over 18 or under 18. Websites/apps should at most only be legally required to respect the device's assertions.

    - Devices should be controllable by parents: let the parents decide whether the child should be age-restricted or not.

    - Devices should have profiles so that you can let your kids use your own phone/laptop without messing up your stuff or getting into things they shouldn't.

    Historically parents have been allowed to rent R-rated movies for their kids with nudity and sex and violence even if the video store isn't supposed to rent it out to the kids directly. That was always considered okay. If I think my 16-year old is mature enough to watch some porn, that should be the parents' decision.

  • You are imagining that a solution for you will be deemed a solution for the political powers pushing for this. Or that being age-verified is the main danger of having age-verification.

    That would be nice!

    But if there isn't a safe market driven solution to age-verification, which provides anonymous, unsurveiled, age-attested site access, with no ability for the government to individual monitor, deny or revoke, then that is exactly what is going to get pushed on all of us.

    You don't defeat an enemy by not needing the manacles they are very motivated to force on everyone..

    Increasingly: We adopt zero knowledge proofs, and other decentralized open-sourced hard-security technologies, and resolve seemingly-small, but not-going-away practical issues like age & porn, or empower and "trust" every weak politician, interest group and stranger on the internet to not use our lack of awareness and defense against us.

    Add AI to the mix, and the risk/damage of passivity becomes extreme.

  • I do. I’m going to take a wild guess that you are an old head like me, male, and lived your youth in the wonderful internet free of commercialisation of human interaction, free to roam and find new cool things and people, a wonderful library of Alexandria to learn and spend time in.

    Discuss what the experience was/is to zoomers and younger, especially girls. Did you try to play a silly online game with your friends while being constantly harassed by 3-4 adult men? How many times someone offered you money (in form of “lootboxes”) to get nude pictures of you when you were severely underage? Or was on every site you visited an algorithm pushing on your face content about how you should embrace anorexia, start gambling on what Trump says on TV, use drugs, or simply do a suicide?

    Hey fellow unc’s, we really need to stop nostalgising on the computer childhood of our youth and listen to the kids (as well as a bunch of research on the topic) and face the fact that the internet of the friendly geeks and nerds of the yesterday does not exist anymore. Things have to change, if we want to have any kind of working society left whatsoever.

    • I completely agree with you, but what this shows is a momentous change in the landscape of the internet, facilitated by mass marketing, data collection, commercialisation and even financialisation of digital game assets.

      This is a huge shift that cannot be rectified by simple age filters.

      Being realistic about the problem requires being realistic about ill-conceived solutions with conspicuous benefits for commercial actors.

      Besides an array of largely static, non-interactive websites, there is no hard line between content that is suitable for young eyes and not.

If you need personalized government attestation to visit a site, then the government has the ability to dynamically deny and rescind your individual access to any site that adopts age verification, at any time.

Once adult sites adopt the system, it will creep over to any site wanting to limit their liability. Banks. Business services. Eventually almost everyone.

Liability the government will dramatize and escalate. You won't see the government pass any laws to create age-liability safe harbors.

Wikipedia is already being forced to fight to not implement age verification. Age verification managed by the government = No Wikipedia access without individually tracked, controlled and revokable government permission. [0]

Seldom has a slippery slope been so slippery.

The distance between government controlled per-citizen access to obviously adult sites, and government permissioned/controlled access to any site of substance, does not even involve a technical hurdle. It just becomes a site adoption curve. Every adoption increasing the scope of real-time government surveillance in our minute-to-minute lives, and its real-time at-will ability to deny access to whatever it chooses, whenever it chooses, and for whoever it chooses. In any combination.

Dystopia is here.

In my opinion, this is terrifying.

We need: Third party attestation, providable by anyone/entity meeting basic openly-defined criteria, limited to age attestation only, implemented with Zero Knowledge Proofs, to create a safe anonymous (unsurveiled/no personalized denials) alternative, to take the wind out of the sails of this constant governmental power grab. If it isn't solved by security minded technologists and the marketplace, the freedom destroying version will prevail - and it won't be undone.

[0] https://www.eff.org/deeplinks/2025/07/we-support-wikimedia-f...

  • We don't need age attestation or any kind of identity attestation, period.

    • You are framing the debate in a reasonable way.

      But apparently are unaware that this debate is being forced by powerful unreasonable people who are not going to give up if we leave a resolution up to them.

      Reasonable and informed people want to avoid that. By stronger means than repeating “I don’t need that” until we realize that didn’t work.

      When a site you and i need requires you and I to register with our governments to access it, how is your reasonable opinion going to help us navigate that?

  • > Once adult sites adopt the system, it will creep over to any site wanting to limit their liability. Banks. Business services. Eventually almost everyone.

    This needs more emphasis. Once we make (even zero-knowledge) proofs convenient and common, it'll spread, and soon it won't be just age that's getting assured.

Zero-knowledge seems to be a bit of an oversell here. It is more like you break the knowledge up and only share the relevant parts with each party. And the facilitator (Google) arguably has access to the most information out of any of the parties involved.

  • zero-knowledge proofs are a well-known tool in cryptography [1]. All Google is sharing is the library to implement it. Google would not have access to the information any more than they have access to the bank info of people who use Android or Gmail.

    [1] https://en.wikipedia.org/wiki/Zero-knowledge_proof

    • It's my understanding that they are sharing the library but they will also be involved as a facilitator, at least to the extent that people use their identity wallet service. It also seems like they will have access to who you are sharing information with, which seems like the most valuable information for a company in their position, with nothing but a pinky promise that it will not be tracked. Let me know if any of that is inaccurate.

      3 replies →

    • > any more than they have access to the bank info of people who use Android or Gmail.

      ...but they do? Google pay gives them your credit card and transaction details; any time your bank sends a statement to your gmail account, Google has that, too.

      Am I missing your sarcasm?

  • There are true ZKP setups where no one learns anything but the absolute minimum (e.g. is this person over 16, not what is their dob). This is hard to prove though and I don't know if I trust Google to do it

  • Ideally the government would be the issuer and the facilitator but the US lacks the state capacity to do this. Maybe it will work that way in Estonia.

    • The US is in the weird position of having a class of people (undocumented immigrants) who are often provisionally allowed to live there, known to their state in some capacity, and yet unable to receive some government documents that a permanent resident or citizen would be entitled to.

      Europe doesn't really have that status. Either you're known to the government and can receive documents from it, or you're a criminal in hiding, avoiding any and all government offices.

      2 replies →

Lots of bias in this thread. But maybe we can have a technical discussion?

I'm not into this topic, so maybe someone else can answer this: How "zero-knowledge" is this actually?

As far as I understand, there are three parties here: 1. Me, the user; 2. The site I want to access; 3. The attestor (google? my government?). What do they know about each other?

Does the site know who I am?

Does the site know who my attestor is (and therefore, for example, that it doesn't like Winnie-the-Poo memes)?

Does the attestor know what site or kind of content I want to visit (and therefore e.g. if he agrees with it)?

Does the attestor know who I am?

Do I always know who the site and attestor are, and when this proof happens?

  • I have some experience with zkp, so I’ll try to answer your question to the best off my ability. First on the terminology, the “attester” in this case I assume is whoever is anchoring the data or issued the credential you’re trying to prove. For the canonical example, let’s say you’re trying to prove age >= n via a government ID.

    1. The site does not know who you are. This is the whole point. You generate a mathematical proof you possess a valid government ID that says “age >= n”

    2. Yes. You are generating a zkp based on information anchored by the attester. In this case the ID issuing gov. That attester can be something other than a gov, but zkps are a bit useless if the site doesn’t know what exactly is being proved. In this case you are proving “I possess a government ID saying age >=n”. You must know about the government to care about this proof.

    3. Not in this case. The attester only knows it has issued you an ID, but does not need to be further consulted. You could certainly construct a scheme such that you require a ZKP of recent written permission from some entity, but this is not inherent to ZKPs.

    4. This is a UX question. If the ZK wallet and website are implemented in such a way that it’s always displayed when a credential is requested and what credential that is, then yes.

  • I'm not an expert either, but i've studied it a little and tried some of these stuffs.

    First, the attestor is not google. Google here only provides the infra (to generate proof and verify them). Let's call the attestor the issuer, and it's the trusted authority that gives you a proof of identity.

    A possible flow is:

    1. (pre-req) Some issuer (a state, bank, mobile operator, etc.) issues a signed credential to my wallet (stored on my phone, for instance). This could be a full digital ID, or a narrower “proof of age” attestation.

    2. Later, a site asks my browser for a proof that I satisfy some predicate, e.g. age >= 18. The site provides the "zk-program" (circuit) that needs to be executed, and awaits for proof (which are essentially proof of executions of the program on trusted yet undisclosed inputs).

    3. My phone generates (ideally locally, but not ready today yet) a ZK proof that it knows a valid issuer-signed credential whose hidden attributes satisfy that predicate. Essentially, it is executing the circuit with some inputs (some are public, like public key of issuers, some of private, like the issued ID)

    4. The site verifies the proof against public inputs: the issuer public key, the circuit being used, the predicate being requested, and a fresh nonce/challenge.

    So to answer some of your questions.

    > Does the site know who I am? Not from the ZK proof itself, it will know who has issued your ID.

    > Does the site know my attestor? Yes, it knows their public key.

    > Does the attestor know what site I am visiting? No.

    > Does the attestor know who I am? Yes

    > Do I know who the site and attestor are, and when proof happens? I guess there are multiple possible ways to do this, depends on the UX.

  • I tried to find something definitive, but it would take more time than I have right now. So to some degree this is assumptions, though generalized.

    * Does the site know who the user is: No. That's the entire purpose here.

    * Does the site know who the attestor is: Yes, they need to validate asymmetric crypto on the proof, so they need a list of public keys (which they can attach attestor identity to).

    * Does the attestor know what kind of content I want to visit: They should not. With the JWT you can validate without telling the attestor which user's proof you validate. OTOH, if there's some "is this one revoked" type of API one could easily re-introduce such an information channel on accident.

    * does the attestor know who the user is: Yes (or at least have some bits of information about you they are willing to attest to others. In practice assume it's Google/Apple/MS with information associated with your account, or your bank or ...)

    * Does the user always know site/attestor: From a technical perspective yes. From a practical human one... doubtful.

    --Googler, though far removed from this project, so no internal knowledge.

  • Its not really possible to know.

    the system is valid zkp but any of the services in practice can still collect personally identifiable information from their users.

    There is also nothing stopping the attestor to collude with the site you want to access, to reveal information about you.

    • If you are controlling the middle part of the zkp (or at least can validate it), then identification should not be possible through the zkp even if the attestor and and site collude with each other (they could maybe collude based on some other information, like IP address or browser fingerprinting, ofc).

      1 reply →

  • There is an important question you haven't asked: As presented, is this system secure for the implied use cases?

    And the answer to that is a resounding no. As long as you can run software of your choosing, then it is trivial to proxy a zero knowledge proof such that a third party can provide proof of the given property for you to use. If the system is really zero-knowledge, then that third party will suffer no repercussions for defeating the purpose of the system. And we can easily imagine people willing to provide this service (for ideological reasons and/or simply payment).

    To be secure, all of these schemes rely on an unstated assumption of remote attestation that will prevent users from running their own software. Locking down computing is Google's basic agenda, but saying this would make the systems less appealing to people, so they obviously downplay it.

It is suspicious to me that "age assurance" is trending EXACTLY as AI agents become capable of autonomously operating a personal computer in the same way a human office worker would.

I'm afraid "age assurance" has nothing to do with "the children".

  • >It is suspicious to me that "age assurance" is trending EXACTLY as AI agents become capable of autonomously operating

    It is not, because your premise is false. This whole thing has been going on for as long as kids have been online. The early 2000s tried (and obviously failed) by using credit cards. The UK tried and failed last decade to ban porn for minors this way. AI tools are probably not even on the radar for the kind of politicians that keep pushing this.

    • > AI tools are probably not even on the radar for the kind of politicians that keep pushing this.

      Forget about the politicians for a bit. There still are many regions on the globe where no age verification is mandatory, yet websites chose to implement it anyway. Why, if not for tracking and bots?

      1 reply →

  • > I'm afraid "age assurance" has nothing to do with "the children".

    and you should be afraid, very afraid. Because none of these (and other measures to invade privacy) has ever had anything to do with children.

  • The point of ZKP in EU wallet is that it separates checking age and privacy.

    You can both give a proof your age and not lose privacy.

    • Except that ZKP for sensitive data is far from being a thing, and also, I don't want the fucking government to have anything to do with what sites I access. Period.

      Why the hell do I need to login to my digital wallet to access a fucking website???

      4 replies →

Age is just one metric. I don't want zero proof tech about information X. I don't want to have an identity. Full stop.

  • This can be used to have zero-proof knowledge of "over 18" or "not over 18". So they don't really get your age, except that you are in two broad ranges.

    • If you get enough signals like that you can often narrow down a very large cohort of people to an individual.

      First it's 'over 18?', then it's 'over 25?', and then 'biological sex?', 'employed?', 'enjoys posting on HN?', 'active in the early morning?' and after half a dozen questions, all with binary answers that are safe individually, you can zero in on a 23 year old woman who has a job and posts on HN in the morning.

      Ask a few dozen questions like that and you'd be able to sieve an individual from a group of millions, especially if they're unlucky enough not to be absolutely typical.

      4 replies →

    • I think anon's point is that it could be used for other attributes in the future, like your nationality or... your social credit score (don't worry, it only proves that your score is over or under 500).

    • The point perhaps is that these things enable discrimination based on extremely gross grained and defective criteria - in some ways the least relevant parts of your identity.

    • the visited site won't have the info. but someone in the chain will definitely know your identity. the government, private contractors.

"ZKP makes it possible for people to prove that something about them is true without exchanging any other data. So, for example, a person visiting a website can verifiably prove he or she is over 18, without sharing anything else at all."

But not "...without sharing anything else even when setting up your token."

Can I prove that some cryptographic token A) doesn't contain any PII and B) that the token itself can't be used as an ID tied to my identity in a Google or government database?

No and no. So, I do not support schemes like this.

  • As I understand it, ZKPs can prove both those properties. You can get a certificate from whoever is trusted to verify that you're over 18, and then you can use that to generate tokens that only encode the information 'X has verified that I am over 18' without either the original verifier or the entity you are providing it to being able to link that to the original certificate.

    See section 2 of this document: https://eudi.dev/2.4.0/discussion-topics/g-zero-knowledge-pr... . If there are any objections that this is not technically feasible to achieve in practice, I would like to know what they are.

    (Also, AFAIK, setting up such a thing would comply with any of the age-verification laws that are being proposed around the world. You could even set up this as two arms of the same company and be able to prove to your users that while you've seen all their IDs, you cannot link their usernames to their IDs. This still isn't the best because you're still handling their PII with associated risk of leaks but it's a lot better than anyone is doing ATM)

    • I think that depends on how do you define PII.

      I suspect the ZKP proof or token is practically unique and related to you, so I could be personal data if you use the definition from GDPR.

      With ZKP the entity and the original verifier shouldn't be able to match your identity to the ZKP proof or token, but the app on your phone of course can do that.

      The app probably will be made some government contractor and there is no technical measure that would prevent them to just share all that data with whoever they want.

  • Of course not? The idea would be a government (who already has your age data for example) will allow you to create a signed message and the platform you are verifying your age to doesn't know who you are, what age you are but that you are of age

    • And also, crucially, that the government does not get to know what platforms you are visiting. (the process goes: you get a certificate for certain facts, then your 'ID wallet' generates a ZKP itself that can prove that you have a certificate of any subset of those facts, and neither the certificate issuer nor the receiver of that proof can link that to anything but those facts, even if they collude)

ZKP for this purpose is a trojan horse for identity tracking and device attestation, as those are prerequisites for avoiding the scenario of someone printing attestations that everyone is of age in bulk and handing them out for free.

It works for contract signing and payments, because there is a built in incentive there, but not for age attestation.

We need "How to talk to your legislators about zero-knowledge proofs".

  • "Dont do age assurance, ever"

    Done.

    • It's much easier to convince somebody to achieve their goals your way than to not achieve their goals at all.

      Politicians don't want to be seen as going soft on child predators and harms to children. That is a career-ending move. Whether the bills they introduce even protect children at all has no bearing on it. PR is PR.

      If you're essentially telling somebody that children don't need to be protected, you might feel smug and superior, but you're achieving nothing. You'll be ignored as a conspiracy-theory-loving nutjob.

      If, on the other hand, you tell politicians that there are multiple approaches to protecting children, all as effective, with one of them having fewer side-effects to the rest of society, now that's a much easier sell. You sound like somebody who knows their stuff and has a nuanced take.

      1 reply →

  • Not really any point since US legislators aren't motivated by the interests of regular people.

    • Yes, they are not.

      > Today, we open sourced our Zero-Knowledge Proof (ZKP) libraries, fulfilling a promise and building on our partnership with Sparkasse to support EU age assurance.

Will they not just argue that you could share the assertion, and hence we need a 'trusted' verfication point to establish it is actually you in posession of the zkp token, right now. So turn on that smartphone camera right now and obediently follow our biometric verfication instructions ...

  • Or even simpler - they can just claim to implement it but still store your data just because.

    Doesn't seem like government is taking any steps here to try and regulate anything anymore. Possibly not ever again.

    • There is literally no way of us knowing if Google hasn't chosen to cheat during the ZKP protocol or not. Zero chance.

  • Maybe, but we should force them to make that argument after we demonstrate age verification doesn't require identifying ourselves to every website. It would reveal they aren't seeking pragmatic solutions.

A great number of people here are engaged in civilized debates about whether parenting needs age verification.

That might seem to be the issue, but it is a red herring.

Powerful people are ramming age verification through in a way that will surveil you and give government the ability to not just attest for your age, but surveil what sites you use, and revert their attestation, for anyone, on any site, for whatever reason.

Not just porn sites but any site they convince to use their age verification scheme.

Even Wikipedia is having to fight this with the help of the EFF to not force all its users to submit to this.

Wake up. We all need to wake up.

The purpose of an anonymizing open source alternative is to head off dystopia. Nuanced opinions about parenting are not a defense strategy. Not against a closed internet permissioning system run by governments. Implemented by people who are using parenting as a cover.

Your parenting opinions won’t help you log onto increasing numbers of sites that block you without a government supplied key.

Wake up.

We must not let governments use this issue to lock down the internet. But that is now the default outcome.

The problem is insidious.

I'm not a fan of age checks. There is a reason Google is offering this (for free).

As always with tracking, the value is in the metadata.

The knowledge if you are or are not above a certain age is already privacy invasive but not that relevant for tracking or ads.

But with ZKP at least you won't need to send your creditcard, copy of ID and address to the 3rd party to verify.

CSIRO and the Australian privacy commissioner suggested this path to the Australian Government a few years ago.

I'm not a fan of technology fixes for social problems but i do think this may be in the sweet spot.

I see a lot of people here don't agree. I think they may not appreciate quite how concerned a lot of the community is about the effects of networked communication on minors. I'm not here to change people's minds, but this isn't a US problem it's a global one, and US constitutional rights views do not predominate worldwide.

Google has more customers outside the US than inside, and has more business with entities subject to non US laws than solely US domiciled entities.

I've been trying to figure out how zero-knowledge stuff would work in practice for age verification, where "when issued" (or extremely coarse, like what year), "to whom", and "where it's used" are hidden from everyone except the individual holding the proof (since that's the gold standard, and the only one worth accepting).

I get that ZK techniques work, and reveal "nothing". That's useful.

But if they reveal nothing, isn't it wide open for abuse? Couldn't one over-18-person's proof become everyone's proof, because they can't tell it's the same proof, and the issuer can't tell where or how often the proof is being used? Or are there ways to construct data leaks that are not user-identifying but are abuse-identifying (and what would that even mean)?

  • > But if they reveal nothing, isn't it wide open for abuse? Couldn't one over-18-person's proof become everyone's proof, because they can't tell it's the same proof, and the issuer can't tell where or how often the proof is being used?

    Yep!

    This is why the concept of zero knowledge age gating is such a trap for technically minded people. They imagine receiving a private cryptographic object that can be used to anonymously confirm that the government says it was issued to someone over 18.

    That’s completely useless because a single leaked token could be used forever, so nobody actually considers this.

    All of the real proposals have various compromises baked in. Some people want to require device attestation, so you could only do this handshake from a government approved device running a government approved operating system. Forget using Linux or maybe even a general purpose computer at all.

    Other proposals involve online government handshakes in various ways, with a pinky promise that the government won’t keep logs or tap it for national security purposes. So we get back to anonymous by trust only.

    • You can fix the leaked token problem if your prover also proves that (a) the private token id is not on the public revocation list, and (b) the token has not yet expired. Use short expirations and auto-renew, this is just to keep the revocation list from growing forever.

      Attackers could still compromise the system with proxies, but you can fix that by (a) passing in a random sessionid from the server so proofs can't be replayed, (b) also passing in the server's public key, so a MITM attack will result in proof the server can't verify, and (c) as you mention, using secure hardware on the client, and encrypting communications between that hardware and the server. The secure hardware doesn't have to preclude general-purpose computers; it can work like a yubikey or hardware wallet, just plug into USB or bluetooth.

      Without proxies, a leaked key has a minor impact unless it's widely distributed online, in which case it's easy to notice and add to the revocation list.

      Tracking clients can be prevented if the client generates a new public key for each session.

      Requiring hardware is in one sense a downside, and strong protections for access would have to be part of the law. But giving everyone secure cryptographic hardware that can do key management and zero-knowledge proofs would be a huge improvement for everyone's privacy and security, so it might be a good trade.

      1 reply →

    • > Some people want to require device attestation, so you could only do this handshake from a government approved device running a government approved operating system. Forget using Linux or maybe even a general purpose computer at all.

      The reason this is a non-problem for the purpose being discussed (age verification on social media) is that you can simply allow anyone with a de-Googled phone or using Linux on a laptop (or even Mac or Windows) to bypass the age check. You don't need a 100.0% accuracy solution, anything above 90% is fine.

      Essentially all teenagers are using social media on Android or iOS with apps from the official app store. If you make social media unavailable only on those devices, they are not going to be switching en masse to SailfishOS or start to carry around backpacks with laptops.

      Maybe a few will. But then they're going to be very lonely on their social media and subsequently stop caring.

      2 replies →

    • From my limited knowledge of ZKP I believe there are protocols that don't allow token reuse, i.e., once you consume a token for one round, you cannot reuse it for another attestation.

      2 replies →

    • We might be over complicating things here.

      The governments’ focus might be on protecting genuine users (adults or not), not fighting fraudsters.

      In other words if ZKP works for the vast majority of technically illiterate people with their EU ewallet, the job is done.

      2 replies →

    • > All of the real proposals have various compromises baked in. Some people want to require device attestation, so you could only do this handshake from a government approved device running a government approved operating system. Forget using Linux or maybe even a general purpose computer at all.

      SPOT ON! This needs to be plastered across the top of every single thread on "age verification" (really: identity verification).

      Talk of "zero knowledge proofs" or other technical schemes are essentially just nerd sniping on this topic. These sound like really cool solutions where we can have our cake and eat it too, but the reality is that the cool technical bits are just the tip of the iceberg. For them to actually be secure (ie prevent the trivial proxying of credentials), there has to be another, much more draconian, part to the system.

      Even if that part is missing to begin with, then calls to add it down the line will be inevitable once the idea that websites are responsible for verifying users "ages" (identities) has taken hold and those flaws become glaringly apparent.

      I am a parent who will be staring down this issue in a few short years. The Internet is not the place we grew up. Faceboot and other engagement-farming companies are most certainly malevolent threats to the human psyche [0], and it's reasonable to assume that their effects are even stronger on developing minds.

      The only approaches that are workable to protect kids as well as preserve Internet/computing freedom (which is actually an additional angle of protecting kids from continuing loss of freedom to roam) involve the client device being responsible for what to block/show, with information only ever flowing from the server to the client - for example tags that assert a site/app is suitable for people over a given age, and on-device parental control software that operates on those tags. If parental controls are enabled and a website has no tags, then the site does not display - failing closed and preserving compatibility with the open web.

      Given that this is a dire problem that parents face that has reached a tipping point, it would be reasonable to create a legal mandate that mass market device manufacturers must include parental control software that can be enabled during setup process, and that websites over a certain size have to include tags stating their age appropriateness. That would bootstrap the ecosystem and lead to the development of more vibrant tags and blocking software, enabling parents to set their own policies independent of corporate attorneys decreeing what is acceptable for their kids.

      [0] It is also worth keeping in mind that it is exactly Faceboot and its ilk that are pushing these identity verification laws in the first place! They are simply trying to remove their legal liability for harming kids, so they can otherwise continue business as usual

    • why would a token a) last forever, and b) not be created as a response by your smart ID card to a challenge token?

    • I agree with your analysis, but doesn't that make this blogpost by google a bit overoptimistic, or even disingenuous?

  • Briefly, your government issues you a digital signed copy of a document, such as a driver's license or passport, that gets bound to a hardware security element that you own. In current implementations these are the secure elements of smart phones, but there is no reason that standalone hardware security elements could not be supported.

    When you want to provide information from that document to a third party a protocol is used which allows you to demonstrate to the third party that (1) you have a document from the government bound to your hardware security device, (2) you have unlocked the hardware security device, (3) and the document says what you say it says (e.g., "the birthdate field in this document contains a value that is more than 18 years in the past").

    This third party gets no additional information about the contents of your document. The protocol takes place entirely between your device and the third party, so the government that issued you the bound document has no idea when or if you use it.

    Someone over 18 person could indeed decide to help others prove age, but they would either have to do it in person or be willing to loan their unlocked security element to those others.

    • TPM can solve the "neither side gets info about who you are or where it's used" part, but it seems like that might mean any TPM leak also means a single token can be used infinitely without detection, yea? Otherwise it's uniquely identifying, which wouldn't be even slightly private.

    • > Someone over 18 person could indeed decide to help others prove age, but they would either have to do it in person or be willing to loan their unlocked security element to those others.

      You can still automate age-verification-as-a-service using a physical autoclicker on a smartphone with the camera oriented at a screen showing QR codes. I expect this to happen, and for that reason I also expect true anonymity to be something that will last a year or so until it will be politically decided to fix the issue using some central party that verifiers have to contact to impose rate limiting.

  • > But if they reveal nothing, isn't it wide open for abuse?

    Good point, they do contain more information than "They are over 18". The primary (usually only) thing is who is attesting they are over 18. That might be the government, or a bank.

    That's inevitable, because the usual flow is rather like Google's OAuth - the site needing you to prove your age rediects to the provider (Google, or whoever), who asks questions to verify your identity, and then replies with "over 18" or "not over 18".

    This can leak other information aside from the site knowing who is verifying your age. For example, done the wrong way, the Google / the government could know what porn sites you like. OAuth, for example leaks that sort of information. But there is no technical reason it has to be that way.

    The major barrier to all this isn't whether it's possible to design a protocol that proves your age, having a driver's licence or even an amount in a bank account. It is absolutely possible. It's that to be useful, everyone has to agree on the same protocol. That has so far proved to be near insurmountable.

    • > the usual flow is rather like Google's OAuth - the site needing you to prove your age rediects to the provider (Google, or whoever), who asks questions to verify your identity, and then replies with "over 18" or "not over 18".

      This is false. There are many problems with age verification, but the EU approach does not involve the id provider in the verification flow. The site requiring verification presents a QR code which encodes a presentation request and the provider controlled URL which is to receive a presentation of the age credential, and then the smartphone generates a unique presentation signed by a device bound key and sends it to that endpoint.

      It is however true that in addition to the one bit of information saying age>18, what is also revealed is the public key of the identity provider. This will at least reveal the nationality of the credential holder and - in the case there are multiple issuers within a nation - may reveal even more information about their demography.

      1 reply →

  • My understanding as someone who is just learning about the tech is that zero-knowledge isn't a great description of what is happening. The issuer (some party with the proof, like the government) shares the knowledge and that is only valid for a single verifier. So knowledge is held and is shared, just the minimum amount possible to be credible.

  • Idk if this scheme is zero knowledge, but what's wrong with it? :

    - you enter ph and must age-verify. It says 'your secret: "capable peanut", enter age proof below'.

    - you go to age-knower (e.g bank or government page). You provide the secret phrase, and you get back a cryptographically signed json with the secret phrase, a claim 'above18', and a field stating who attested for the age (e.g government or bank or whoever).

    - you paste this signed json (maybe encoded as base64 or something) into ph. It will verify that the attestee is good, then use it's public key to verify the signature, before checking that the secret is the correct one, and that it contains the age-claim.

    Is the problem that if ph and the attestee colludes they can compare the secret string and figure out who you are?

    • Yes, that allows collusion. Which has historically happened quite regularly any time money or politics are involved, which means we should not accept that strategy.

      For some isolated scenarios, that collusion risk may be completely fine. But not for something that is poised to control access to the internet as a whole, or in any way relates to maintaining safe free speech on the dominant public platform for doing so (the internet). People need protection from their government (present and future), or it's not a "right", it's just temporary retroactively-revokable permission.

  • That's where trusted computing comes in.

    Your proof proves two claims. That the person proving their age is over 18, and that they're using a device and software that hasn't been tampered with. That software requires human presence at every age check.

    ZKPs for age assurance are trading off privacy at the expense of software malleability.

    Note that this has nothing to do with open source; it's perfectly fine to release the source code for the relevant software. You can even allow for reproducible builds and full auditability if that's what you want.

    • > Note that this has nothing to do with open source; it's perfectly fine to release the source code for the relevant software. You can even allow for reproducible builds and full auditability if that's what you want.

      But note that it does have everything to do with software freedom. Being able to read the source is little consolation if you're unable to modify it. And preventing users from using modified software is the entire point of remote attestation.

      "Zero-Knowledge Proof" based schemes for this problem is nothing more than a marketing scheme by Google to continue locking down devices and the previously-open web ala WEI, SafetyNet, etc. https://news.ycombinator.com/item?id=48760232

    • > Note that this has nothing to do with open source; it's perfectly fine to release the source code for the relevant software. You can even allow for reproducible builds and full auditability if that's what you want

      The released code can do all of that, and then nothing still assures me that they didn't implement just a POST <my whole information> to their partner and called it ZKP and pointed at google's repo.

  • There are different ways to think about this:

    1. Imagine what the protocol would look like without privacy (zk allows you to “sign” a computation, so just do the computation in the clear)

    2. Imagine what the protocol would look like by revealing a hash of the passport only (the idea of a “nullifier”, a unique identifier that hides the data and and can be revealed to prevent replays)

    The first one should already answer your question: the way you would prevent replays or portability (I use your proof) is to attach some sort of session context to your proof

  • This is basically the double spending problem which has been solved in various ways.

    • It has? I've been under the impression that the "solutions" are "trust us, we don't allow that" (relying on an authority with full knowledge, as partial knowledge isn't sufficient) and "use more resources than anyone can feasibly contest" (bitcoin).

      You could build a merkle tree to say "we exist after X" but not "there is no other X". And publishing that tree for verification would seemingly violate "zero knowledge", unless you know of some way to scrub that, and also hide timing information, because timing information can identify visitors to observers.

This seems great - one question (ideally for Alan stapleberg) why is this not available for everyone? Seems like this is only applicable to the EU? Genuine question - Why would other governments not want this for their people ? I am sure there is a flip side that EU thinks is not worth more than thier people getting this kind of privacy. But what’s has to be true for some govts to think that the flip side is more beneficial than the privacy aspect. Appreciate if someone can break down how incentive structures are different and hence the resultant choices/positions

[2025]

  • Yes, but it's never been more important than now. Also, I did not have enough chars for an HN title.

    • Funny though how whenever these laws are pushed though, the legislators are more interested in strongly identifying people to gate services despite the fact that they should have plenty of advice that things like zero-knowledge proofs exist.

      I hate to be cynical but I worry that this isn't going to matter, because it really seems that a lot of the pressure behind age verification isn't actually very interested in the age verification part...

      4 replies →

What's the point of giving a single point of information about yourself to a single website, when all the websites you visit use the same trackers (from Google for example) only to merge these data points together and sell them as a package.

  • Because of the principle of least privilege: https://wikipedia.org/wiki/Principle_of_least_privilege

    All current age verification measures open up a torrent of attack vectors on user PII and privacy. Limiting the number of entities that are able to access data is one of the best ways to prevent it's leak or abuse. Don't let perfection be the enemy of good.

    But therein lies the fundamental problem with surveillance capitalism. Until the sale of personal data/metadata is outlawed, the practice of targeting content based on an individuals personal data/metadata is outlawed, there is a highly punitive cost for violations and leaks that make storage outside core business functionality a major criminal and financial risk, and the compilation of this data by "intelligence" agencies it treated as a critical attack vector to national security – the attack on each citizens civil rights that it truly is – most privacy laws and regulations are just virtue signals designed specifically avoid the root causes, and further entrench the power of monopolies and incumbents.

    FYI I don't believe Google sells user data. They sell products which leverage user data to give them a critical advantage over every competitor who does not have trackers in everyones pockets/computers, does not store their entire web search/browsing history, etc. It's in the interest of big tech to protect their market advantage (like ZKP, which would prevent competitors from having a new gov-mandated vector to compile user data).

    • Google never sold user data until the DoubleClick acquisition, from what I understand

It is painfully obvious that the "age assurance" push is to limit anti-zionist propaganda.

I wonder who or what will abuse this infrustructure when they fail.

more like walled off garden where they only, have access to children and what they watch. so now they will feed them the junk and ads curated only for children so they can get them hooked on products early on. Way to go Google yo uhave succeeded in your goal.

Unfortunately ZKP's aren't magic.

When not doing privacy oriented cryptocurrency (cough money laundering cough) with ZKP's, if you really want private verification you are in a position where a single actor can authenticate the entire world and no one will know it happened. And to prevent it you assemble the pieces necessary to deanonymize anyone.

Make no mistake. ZKP age verification, as proposed, will just require multiple parties to collude to figure out your identity.

They can't even implement ZKP for remote attestation due to the auth-the-world problem.

  • Assuming that perfect is the enemy of good, this is still better than all the proposed alternatives, isn't it?

    • With ZKP age verification, services will not be able to track you without help from the CA. The CA will not be able to track you without help from the services. Both will contain the necessary information in their databases that when combined deanonymize you. The CA is the central authority/certificate authority.

      So you should assume the government can track you, because you should assume both will be streaming those identifiers to it.

      4 replies →

This is going to be a thing where the individual parties might get something like reliable anonymity, and Google will still be able to trace it, right?

Someone else in the thread asked, as others have, but most pithily

> How about not needing to do age verification?

Which I agree with. However, I think that ship is sailing. Those who care about this had better find a provider that they trust and support providers they trust, because the perfect is the enemy of the good, and without the good there'll be no way to rollback to the perfect at all.

It's not zero proof

It's moving the goal post from one entity to another.

You can also fake it by letting someone else solve it for you.

  • > You can also fake it by letting someone else solve it for you.

    Fair enough, that's true. But there is no solution that could ever prevent this, right?