Aspiring polymath.Trying to make things better. Opinions are my own and subject to change

  • 0 Posts
  • 8 Comments
Joined 3 years ago
Cake day: June 20th, 2023
  • AtHeartEngineer@lemmy.worldtoEurope@feddit.orgThe EU says its age verification app is readyEnglish
    1·
    6 days ago

    I understand that’s an issue with open source in general, but this specific implementation should be using zero knowledge proofs, which is provable. They are, by definition, provable programs where you can prove properties of data without revealing secrets.

    The way this works in practice is:

    1. govt issues passport with digitally signed credentials
    2. I take a picture of my passport and tap my passport on my phone (you need both, the actual printed info is what “unlocks” your phone to be able to read the NFC data)
    3. Your phone reads off the digital signature from the govt, your date of birth, name, etc
    4. You download the zk proof program and it’s trusted setup files, check that their hashes match what is public and audited.
    5. run your passport info through that program locally, and it produces a: “You are over 21” + “From the EU” + “a nullifier” + “here is mathematical proof that this data is valid”
    6. you take that math proof and use it to unlock the “i am an adult mode”.

    The nullifier is whats used to make sure someone can’t use their passport more than once on multiple accounts, which is the real tricky part … but there are solutions live and usable out in the world today to mitigate this problem while providing a decent level of privacy.

    Really, we shouldn’t have these laws at all, they are fucking stupid…but if we are going to have them, we should at least do it the best we can.