[Mindwipe]

That only works in the context of when the sender isn't the adversary, which isn't the case in an age verification system - it very much does treat the sender as the enemy and untrusted. And again, the revocation chain on the backend is not zero proof.

[rcxdude]

That's only an issue if getting the proof involves somehow identifying the service you are sending it to. If it's a generic 'send me a proof' it's not necessarily a problem, though of course it would be better if you could just generate your own proof.