> The point of this is that you can use the credentials on your phone to prove that you are an ad...

nottorp • today at 10:58 AM • 1 reply • view on HN

> The point of this is that you can use the credentials on your phone to prove that you are an adult to a website using zero-knowledge proofs to avoid disclosing your identity to anybody.

That's the theory. How is it in practice?

In my opinion, it just means there is a single government database to hack to get copies of all IDs...

By the way have the "security experts" checking this app evaluated that part? Or they're just worried about the app users cheating?

Replies

sofixa • today at 11:10 AM

> In my opinion, it just means there is a single government database to hack to get copies of all IDs...

That doesn't make sense, all IDs are already in a single government database. Kind of by definition in fact, for IDs to be useful they need to be emitted by a central authority with associated security and revokability guarantees.

The implementations I've seen rely on an app reading your physical ID and its NFC chip, comparing that with a selfie to ensure it's the same person, and being able to provide anonymous proof you are of age based on that, or proof that you are indeed who you say you are.

➕ show 1 reply

alt Hacker News

Replies