What's crazy to me is why they didn't go for that kind of implementation. This works well, ensures privacy, can be audited easily, and doesn't need a f*cking app on my phone.
If you read the guidelines they actually want to implement a double-blind approach with ZKPs, which imo is significantly better than a challenge-response pub key system in term of privacy.
If you're not familiar this would mean the verifier doesn't learns anything except a statement about attributes (age, license, etc); and the EU doesn't learn what attributes have been tried to verify or by who.
What would need to happen in the United States to implement a reliable ZKP age verification system - and how long would it take to roll it out?
Asking because it feels like the Titanic has sunk, and we're eschewing a floating door because the coast guard has regulation conformant life rafts that would work better.
f_devd|5 months ago
If you're not familiar this would mean the verifier doesn't learns anything except a statement about attributes (age, license, etc); and the EU doesn't learn what attributes have been tried to verify or by who.
jwally|5 months ago
What would need to happen in the United States to implement a reliable ZKP age verification system - and how long would it take to roll it out?
Asking because it feels like the Titanic has sunk, and we're eschewing a floating door because the coast guard has regulation conformant life rafts that would work better.
jwally|5 months ago
"Hey third fifth of Oregon! Do you want to triple your customer base in Oregon for the cost of a small dev team and 1 month of work?!"
> f*cking app on my phone
I need another app on my phone like I need another hole in my head...