alt Hacker News> 1. Make it illegal and punish people.
Which you will prove how? With no record of which ID was used and with the person who used it being under 18 by necessity, this means there would be no evidence to even punish anyone old enough to be punished.
> 2. Have a certain limit (like 5) on virtual ids one person can register. Allow to withdraw consent and close virtual ids.
If the ID is only checked in a zero-knowledge way to register accounts, you don’t even need multiple IDs. You just need access to one, which can be used a million times.
All of the schemes to check if it’s being used multiple times start exposing more info or requiring a central party to manage. We start sliding down the slope of having the government manage ID checking centrally, which conveniently gives them a way to check which people are accessing which services.
Mostly it's enough to have "if a minor gets caught, he will be punished". Similar with the alcohol, except that alcohol consumption is short in duration, while usage of social media is constant, making it much more likely to be caught.
In this kind of case, the liability should clearly start before 18. Solicitations/attempts should be punishable as well. Punishment should also be "retroactive" - "oh, you are 20, but have been using this account for 10 years? Smack!" with consistency and public publicity/propaganda.
A much greater punishment should be done towards the adult who allowed it.
In a similar way as buying alcohol or drugs for minors.