> The wallet will automatically request new credentials in batches when they run out.

Is that an ongoing cost that I’ll pay for via taxes? It doesn’t matter how anonymized all the schemes are. The government needs to give permission by signing attributes. It will be abused to gate everything we can do.

I wouldn’t be surprised if everything is gated behind attestation fairly quickly. Then our “secure” devices will attest against us if we do anything that isn’t a government approved activity.

Hopefully they never manage to hijack our network protocols. Imagine something like SNI, but it’s an attestation that traffic originated from a secure device that’ll participate in the scheme you described. Then your ISP can drop non-compliant traffic and you can only engage in government approved activity.

The answer to these proposals should be “no”.

> This is covered by allowing for single-use credentials.

They said There are proposed mitigations like issuing multiple sets of credentials or rotating them, but we're not going to get an infinite number of keypairs for every website or session in the secure enclave in practice.

> Basically, the wallet requests a batch of single-use eIDs that all use different device key-pairs.

The comments you replied to omitted mass surveillance. But the article and 1st comment included it. The government would know what wallet requested each single use identifier.

> This is covered by allowing for single-use credentials. IIRC the EU personal IDs will use this. Basically, the wallet requests a batch of single-use eIDs that all use different device key-pairs. Each credential is only used for one request and then deleted.

But this then means that the issuers and the verifiers can trivially collude to deanonymize holders/users.