There isn’t one. Local, on-device zero knowledge proof in a cross-platform OSS app. You scan your ID’s NFC tag, once. Site only gets “is over 18 y/n” info. We all already have these IDs and they are used for a bunch of stuff, from doing taxes to creating bank accounts.
Oh, really? So it depends on some kind of user-inaccessible secure enclave TPM type of thing? That would sort of rule out the “works on any device” objective.
The site can not request the information by itself, so you would have to actively do this procedure by yourself. And why would you try to send a certificate if you are under 18. And this trick only works once in a lifetime only on website that track you in a way (the certificate is not able to be used to track you, afaik not even across individual usages, so if you use a porn website every day and have to send a new certificate every day it’s not able to track you).
No. As the other person said. The answers to the zkp do not refer to each other. All the site knows is SOME user was not 18 yesterday, and today SOME user is 18 (or 24… or 89…). No relation between the two zkps/certs.
Who’s running the background here?
There isn’t one. Local, on-device zero knowledge proof in a cross-platform OSS app. You scan your ID’s NFC tag, once. Site only gets “is over 18 y/n” info. We all already have these IDs and they are used for a bunch of stuff, from doing taxes to creating bank accounts.
Oh, really? So it depends on some kind of user-inaccessible secure enclave TPM type of thing? That would sort of rule out the “works on any device” objective.
So when the site got “is under 18” yesterday and “is over 18” today, they now know your birthday. Cool.
The site can not request the information by itself, so you would have to actively do this procedure by yourself. And why would you try to send a certificate if you are under 18. And this trick only works once in a lifetime only on website that track you in a way (the certificate is not able to be used to track you, afaik not even across individual usages, so if you use a porn website every day and have to send a new certificate every day it’s not able to track you).
Still doesn’t know you name, location, sex, and every other verifiable metric.
And your plan only works once in a blue moon (literally).
No. As the other person said. The answers to the zkp do not refer to each other. All the site knows is SOME user was not 18 yesterday, and today SOME user is 18 (or 24… or 89…). No relation between the two zkps/certs.
Browser fingerprinting is a thing, though. The site already know who you are. This doesn’t really change anything.
deleted by creator