The EU has been working on a zero knowledge system as part of the EU Digital Identity Wallet project for a few years now. It is currently undergoing large scale field tests in several countries with expected release late this year. All member states are required to provide at least one free secure interoperable implementation to their citizens, and regulated industries such as banks and telecoms, are required to accept it. If a member state passes a law requiring age verification on social media it must include the EU Digital Identity Wallet as one of the verification methods the site must support.

What was that about no government would consider zero knowledge to be robust enough?

Which of these governments do you trust? The same governments, mind you, that are working diligently to end anonymity on the Internet.

Introducing a solid zero-knowledge age verification option is the opposite direction of ending anonymity in the Internet, which other parts of the same governments are also working on.

So yeah, I'll gladly trust and cheer on the part working in the right direction.

Same EU that wants to ban encryption?

The EU Digital Identity Wallet isn't zero knowledge. I mean it's just not. It relies on Google Play Integrity Attestation on Android and the iOS equivalent on Apple devices because those give it a revocation mechanism, and those aren't zero knowledge.

https://github.com/eu-digital-identity-wallet/av-doc-technic...

It says that it wants to be zero knowledge, but it has no zero knowledge implementation and no plan of how it even possibly could be zero knowledge, and it never will precisely because that is incompatible with the revocation requirements set down by the EU.

(Without accepting the premise that it should be acceptable to have to provide any kind of proof...)

> Zero knowledge protocols really have no functional revocation mechanism.

None would be needed, you (sadly) only age in one direction, so valid proof would never become invalid proof.

>valid proof would never become invalid proof

Somebody can give their proof of age to another person.

And? Presentation of someone else's valid credentials is not fixable by any privacy-preserving mechanism. You can set an expiration date in order to rotate them, and they can be fast-rotating.

In any case, it's a moot point: the correct amount of required identification is zero.

> Presentation of someone else's valid credentials is not fixable by any privacy-preserving mechanism.

And that is precisely why governments will never implement a privacy-preserving mechanism, which is exactly my point.

Compromised tokens would be trivially google-able within a day otherwise.

expiry