> interesting to see how anonymous yet sybil-proof social media would work out.

I agree it could be interesting but on the other hand we see plenty of people posting tripe under their public meatspace nym. The real problem with social media is the centralized sites optimizing for engagement, which includes boosting sockpuppets into view of the average user. So focusing on controlling users continues to ignore the puppetmaster elephants in the room.

I think talking about crypto details is a red herring on this topic though. User controlled computing devices mean that any two people can run software that behaves as a single client, using the credentials of the first person to give access to the second person. The only way to stop this is to make the first person have skin in the game, which is directly contrary to all of the privacy goals.

Chewing on this problem a bit more, it's starting to feel like this "use cryptography prove aspects of your identity without revealing your identity" is actually a bit of a longstanding nerd-snipe. It seems like a worthwhile problem because it copies what we do in meatspace for liquor/stripclubs/gambling/etc. But even the meatspace protocols are falling apart with a lot of places using ID scanners that query (ie log) a centralized database, rather than a mere employee who doesn't really care to remember you (and especially catalog your purchases). The straightforward answer to both is actually strong privacy laws that mandate companies cannot unnecessarily request or store data in the first place. Then some very simple digital protocols suffice to avoid this issue of identity being implied by knowing one mostly-public number.

(FWIW the problem of making change always seemed very simple to me - binary denominations of coins/tokens. I've always thought the statement of it as a problem has more to do with the speed of crypto ops during the period of early ecash research)