[condiment]

We are missing accessible cryptographic infrastructure for human identity verification.

For age verification specifically, the only information that services need proof of is that the users age is above a certain threshold. i.e. that the user is 14 years or older. But in order to make this determination, we see services asking for government ID (which many 14-year-olds do not have), or for invasive face scans. These methods provide far more data than necessary.

What the service needs to "prove" in this case is three things:

1. that the user meets the age predicate

2. that the identity used to meet the age predicate is validated by some authority

3. that the identity is not being reused across many accounts

All the technologies exist for this, we just haven't put them together usefully. Zero knowledge proofs, like Groth16 or STARKs allow for statements about data to be validated externally without revealing the data itself. These are difficult for engineers to use, let alone consumers. Big opportunity for someone to build an authority here.

[john_strinlai]

>We are missing accessible cryptographic infrastructure for human identity verification.

like most proposed solutions, this just seems overcomplicated. we don't need "accessible cryptographic infrastructure for human identity". society has had age-restricted products forever. just piggy-back on that infrastructure.

1) government makes a database of valid "over 18" unique identifiers (UUIDs)

2) government provides tokens with a unique identifier on it to various stores that already sell age-restricted products (e.g. gas stations, liquor stores)

3) people buy a token from the store, only having to show their ID to the store clerk that they already show their ID to for smokes (no peter thiel required)

4) website accepts the token and queries the government database and sees "yep, over 18"

easy. all the laws are in place already. all the infrastructure is in place. no need for fancy zero-knowledge proofs or on-device whatevers.

[mothballed]

The government will want some way to uncover who bought the token. They'll probably require the store to record the ID and pretend like since it's a private entity doing it, that it isn't a 4A violation. Then as soon as the token is used for something illegal they'll follow the chain of custody of the token and find out who bought it.

No matter what the actual mechanism is, I guarantee they will insist on something like that.

[john_strinlai]

if the goal is to "protect children", or just generally make parts of the internet age-gated, my proposal is 100% fine.

if the goal is "surveil everyone using the internet", yes, very obviously my proposal would not be selected, and you will have to upload your id to various 3rd-party id verifiers.

[mothballed]

I think something like your proposal actually sounds the most logical. I just think they will bolt on chain of custody tracking to it, while promising it will only be used for finding "terrorists" or something.

[procflora]

Yes, while I was reading the article I couldn't help but think about notaries public. Seems like something like that would be government's go-to for this if they weren't quite so overfed on tech industry contributions that lead them down the path of AI solutions.

I'm not sure that's the right answer here, but I think it ticks a lot boxes for the state.

[Seattle3503]

The nice thing about something bolted on like that is that it is not an essential feature of the core design and has no bearing on the original goal. It can be removed or reformed. The same isn't true of the approaches we are heading towards now.

[IanCal]

What you’re describing is infrastructure that doesn’t necessarily exist right now for use online, and has all the privacy problems described. Why should I have to share more than required?

[john_strinlai]

it has none of the privacy problems described, and 95% of the infrastructure exists right now (have you ever purchased smokes or alcohol?)

to go on tiktok, you enter a UUID once onto your account, and thats it. the only person that sees your id card is the store clerk that glances at the birth date and says "yep, over 18" when you are buying the "age token" or whatever you want to call it. no copies of your id are made, it cant be hacked, theres no electronics involved at all. its just like buying smokes. theres no tie between your id and the "age token" UUID you received.

theres no fanciness to it, either. itd be dead simple, low-tech, cheap to implement, quick to roll out. all of the enforcement laws already exist.

>Why should I have to share more than required?

you shouldnt. having to prove age to use the internet is super dumb. but thats the way the winds are blowing apparently. if im gonna have to prove my age to use the internet, id much rather show my id to the same guy i buy smokes from (and already show my id to) than upload my id to a bunch of random services.

[simoncion]

The problem with this scheme is that it's exactly as protective as requiring someone to tick a "I'm of legal age" tickbox in the software they wish to access. Anyone who is of legal age can buy UUIDs and pass them around to folks who are not.

Having said that, I think having an "I'm of legal age" tickbox goes quite far enough.

For the ultra-controlling, setting up a "kid's account" using the tools already provided in mainstream OS's [0][1] is a fine option.

[0] <https://www.microsoft.com/en-us/microsoft-365/family-safety>

[1] <https://support.apple.com/guide/mac-help/set-up-content-and-...>

[john_strinlai]

>The problem with this scheme is that it's exactly as protective as requiring someone to tick a "I'm of legal age" tickbox in the software they wish to access.

no, it is exactly as protective as the protections for purchasing alcohol or buying smokes or other controlled substances/products.

buying smokes/alcohol when underage is obviously harder than "click this box". (did you ever try to buy smokes/alcohol when underage? you cant just go up to the clerk at the store when you are 14 and say "trust me bro, im 18/19/21".)

>Anyone who is of legal age can buy UUIDs and pass them around to folks who are not.

same for smoking and alcohol. i could go to the store right now and buy smokes, then hand them to my 10 year old.

we have laws already in place to punish selling smokes/alcohol to underagers, and laws for consuming smokes/alcohol when underage. we can apply those laws to your internet-age-token.

most people seem fine with the current trade-off for smokes/alcohol. i see no reason why tiktok needs to be treated as more dangerous than either.

>Having said that, I think having an "I'm of legal age" tickbox goes quite far enough.

i agree with this and everything you said afterwards. id rather not have any of it.

[simoncion]

> no, it is exactly as protective as the protections for purchasing alcohol or buying smokes...

Right. That's exactly as protective as that tickbox. [0] As I mentioned, any of-age person can distribute those UUIDs to people who are not of-age. Unlike with the proposed ID-collection-and-retention schemes (that are authoritarian's wet dreams) the vendor of the UUID is not responsible for ensuring that that UUID is not later used by someone who is not of-age.

If you were to -say- make alcohol vendors liable for the actions of of-age people who pass on alcohol to not-of-age people, then you'd see serious attempts to control distribution.

[0] Don't forget the existence of preexisting parental controls in every major OS. IME, this is a hurdle that's at least as difficult to surmount as the ID check done in non-chain convenience stores.

[IanCal]

Sorry I'd misunderstood I thought you were describing infrastructure that already exists and making a comparison to just using your ID.

[JanisErdmanis]

A significant obstacle to adoption is that cryptographic research aims for a perfect system that overshadows simpler, less private approaches. For instance, it does not seem that one should really need unlinkability across sessions. If that's the case, a simple range proof for a commitment encoding the birth year is sufficient to prove eligibility for age, where the commitment is static and signed by a trusted third party to actually encode the correct year.

[condiment]

I agree. I've been researching a lot of this tech lately as a part of a C2PA / content authenticity project and it's clear that the math are outrunning practicality in a lot of cases.

As it is we're seeing companies capture IDs and face scans and it's incredibly invasive relative to the need - "prove your birth year is in range". Getting hung up on unlinkable sessions is missing the forest for the trees.

At this point I think the challenge has less to do with the crypto primitives and more to do with building infrastructure that hides 100% of the complexity of identity validation from users. My state already has a gov't ID that can be added to an apple wallet. Extending that to support proofs about identity without requiring users to unmask huge amounts of personal information would be valuable in its own right.

[mothballed]

Even if the problem is perfectly solved to anonymize the ID linked to the age, you still have the issue that you need an ID to exercise your first amendment right. 1A applies to all people, not just citizens, and it's considered racist in a large part of the US to force someone to possess an ID to prove you are a citizen (to vote) let alone a person (who is >= 18y/o) w/ 1A rights.

[zarzavat]

https://xkcd.com/538/

Your crypto nerd dream is vulnerable to the fact that someone under 18 can just ask someone over 18 to make an account for them. All age verification is broken in this way.

There is a similar problem for people using apps like Ubereats to work illegally by buying an account from someone else. However much verification you put in, you don't know who is pressing the buttons on the screen unless you make the process very invasive.

[condiment]

You seem to have missed requirement #3 -> tracking and identifying reuse.

An 18-year-old creating an account for a 12-year-old is a legal issue, not a service provider issue. How does a gas station keep a 21-year-old from buying beer for a bunch of high school students? Generally they don't, because that's the cops' job. But if they have knowledge that the 21-yo is buying booze for children, they deny custom to the 21-yo. This is simple.

[zarzavat]

> How does a gas station keep a 21-year-old from buying beer for a bunch of high school students?

They don't? Teenagers can easily get their hands on alcohol... you just need to know the right person at school who has a cool older brother. If their older brother is really cool they can get weed too!

The police absolutely do not have the time to investigate the crime of making a discord account for someone.

[egorfine]

You are missing the point.

They don't care whether you are 14 or not. They want your biometrics and identification. "Think of the children" is just a pretense.

[yladiz]

In general, any government already has your information, and it's naive to think that they don't; if you pay taxes, have ever had a passport, etc. they already have all identifying information that they could need. For services, or for the government knowing what you do (which services you visit), then a zero-knowledge proof would work in this case.

[IanCal]

The companies don’t, and th government already has your government id.