(no title)
captainmuon | 6 months ago
That the bank is aware of your identity is not neccessarily a flaw, but a boundary condition of the protocol. Assuming a trusted intermediary, how can we.... I think a solution here is not purely technical, but also social. How about establishing a trusted intermediary that can check your identity, but for sure does not do anything malicious with the information? Maybe there is a strong taboo against disclosing the information, like with the confidentiality of confession.
There is another flaw in the proposed scheme, how do you make sure that people don't just take the signature from another person? This one is pretty tricky to solve.
I have been thinking about similar "proof of attribute" protocols for a while, since they have interesting use cases outside of age verification. You could verify that a person on HN is really an Apple employee, without Apple being able to identify that user. Or on a dating site, you could verify that the user is a certain gender, in a certain age bracket, and the account is tied to a social media account in good standing (not a throwaway account), without having the link explicit somewhere (and thus leakable).
jwally|6 months ago
I completely missed that I could hand the merchant string to a friend with a bank account and have them sign it. Pretty obvious in retrospect!
Its not perfect, but maybe reasonable enough to prevent resale by using a salted hash of the users ip.
Wrt hash linking, theres chaums blind signature thing which looks solid. It feels like a cheap enough, private enough, and reliable enough solution is that can be rolled out in under 6 months is in this neighborhood; maybe this provides something to trigger someone who can do it to do it.
jwally|6 months ago