[eggbrain]

Lately I've been building Aho (https://aho.com) -- an API for verifying age, credentials, and identity using cryptographic proof from digital wallets instead of document inspection.

For context, I built out Playboy's age verification system, and watched as it hurt conversion (nobody wants to upload an ID to an adult website, who would have thought!). Cryptographic signatures from issuing authorities (DMVs, universities, employers, etc) with selective disclosure (e.g. you don't need to upload your full ID, just the fields that matter) is how verification _has_ to work going forward -- AI can fake documents, but not private keys.

I've been working on this 6 months full time, and implemented all the W3C VC, OpenID4VCI/VP, SD-JWT specifications myself.

Would love to get people's thoughts on it!