What's the point of giving a single point of information about yourself to a single website, when all the websites you visit use the same trackers (from Google for example) only to merge these data points together and sell them as a package.
Parents should at least be able to overwrite the age of their child, maybe selectively allow bypasses. My experience with a computer would have been completely different if I was blocked from half of the internet. Especially when I see which kind of content gets blocked.
I do. I’m going to take a wild guess that you are an old head like me, male, and lived your youth in the wonderful internet free of commercialisation of human interaction, free to roam and find new cool things and people, a wonderful library of Alexandria to learn and spend time in.
Discuss what the experience was/is to zoomers and younger, especially girls. Did you try to play a silly online game with your friends while being constantly harassed by 3-4 adult men? How many times someone offered you money (in form of “lootboxes”) to get nude pictures of you when you were severely underage? Or was on every site you visited an algorithm pushing on your face content about how you should embrace anorexia, start gambling on what Trump says on TV, use drugs, or simply do a suicide?
Hey fellow unc’s, we really need to stop nostalgising on the computer childhood of our youth and listen to the kids (as well as a bunch of research on the topic) and face the fact that the internet of the friendly geeks and nerds of the yesterday does not exist anymore. Things have to change, if we want to have any kind of working society left whatsoever.
I completely agree with you, but what this shows is a momentous change in the landscape of the internet, facilitated by mass marketing, data collection, commercialisation and even financialisation of digital game assets.
This is a huge shift that cannot be rectified by simple age filters.
Being realistic about the problem requires being realistic about ill-conceived solutions with conspicuous benefits for commercial actors.
Besides an array of largely static, non-interactive websites, there is no hard line between content that is suitable for young eyes and not.
Unfortunate fact is that many victims consider predators manipulating them ”friends”. That’s how grooming works. We have discussed the safety of online spaces for 20-30 years now, always hearing the whatever okatform ”doing their utmost for the protection of children bla bla bla” and nothing changes. Meta, Snapchat and various games like Roblox could wipe this issue out of existent today if they wanted to. They won’t.
The fact is that we as a society have so far put the convenience and entertainment of adults before well-being of children and others, who are in the most weakest position.
I've been trying to figure out how zero-knowledge stuff would work in practice for age verification, where "when issued" (or extremely coarse, like what year), "to whom", and "where it's used" are hidden from everyone except the individual holding the proof (since that's the gold standard, and the only one worth accepting).
I get that ZK techniques work, and reveal "nothing". That's useful.
But if they reveal nothing, isn't it wide open for abuse? Couldn't one over-18-person's proof become everyone's proof, because they can't tell it's the same proof, and the issuer can't tell where or how often the proof is being used? Or are there ways to construct data leaks that are not user-identifying but are abuse-identifying (and what would that even mean)?
Zero-knowledge seems to be a bit of an oversell here. It is more like you break the knowledge up and only share the relevant parts with each party. And the facilitator (Google) arguably has access to the most information out of any of the parties involved.
When not doing privacy oriented cryptocurrency (cough money laundering cough) with ZKP's, if you really want private verification you are in a position where a single actor can authenticate the entire world and no one will know it happened. And to prevent it you assemble the pieces necessary to deanonymize anyone.
Make no mistake. ZKP age verification, as proposed, will just require multiple parties to collude to figure out your identity.
They can't even implement ZKP for remote attestation due to the auth-the-world problem.
This seems great - one question (ideally for Alan stapleberg) why is this not available for everyone? Seems like this is only applicable to the EU? Genuine question - Why would other governments not want this for their people ? I am sure there is a flip side that EU thinks is not worth more than thier people getting this kind of privacy. But what’s has to be true for some govts to think that the flip side is more beneficial than the privacy aspect. Appreciate if someone can break down how incentive structures are different and hence the resultant choices/positions
It is suspicious to me that "age assurance" is trending EXACTLY as AI agents become capable of autonomously operating a personal computer in the same way a human office worker would.
I'm afraid "age assurance" has nothing to do with "the children".
Will they not just argue that you could share the assertion, and hence we need a 'trusted' verfication point to establish it is actually you in posession of the zkp token, right now. So turn on that smartphone camera right now and obediently follow our biometric verfication instructions ...
more like walled off garden where they only, have access to children and what they watch. so now they will feed them the junk and ads curated only for children so they can get them hooked on products early on.
Way to go Google yo uhave succeeded in your goal.
CSIRO and the Australian privacy commissioner suggested this path to the Australian Government a few years ago.
I'm not a fan of technology fixes for social problems but i do think this may be in the sweet spot.
I see a lot of people here don't agree. I think they may not appreciate quite how concerned a lot of the community is about the effects of networked communication on minors. I'm not here to change people's minds, but this isn't a US problem it's a global one, and US constitutional rights views do not predominate worldwide.
Google has more customers outside the US than inside, and has more business with entities subject to non US laws than solely US domiciled entities.
If you need personalized government attestation to visit a site, then the government has the ability to dynamically deny and rescind your individual access to any site that adopts age verification, at any time.
Once adult sites adopt the system, it will creep over to any site wanting to limit their liability. Banks. Business services. Eventually almost everyone.
Liability the government will dramatize and escalate. You won't see the government pass any laws to create age-liability safe harbors.
Wikipedia is already being forced to fight to not implement age verification. Age verification managed by the government = No Wikipedia access without individually tracked, controlled and revokable government permission. [0]
Seldom has a slippery slope been so slippery.
The distance between government controlled per-citizen access to obviously adult sites, and government permissioned/controlled access to any site of substance, does not even involve a technical hurdle. It just becomes a site adoption curve. Every adoption increasing the scope of real-time government surveillance in our minute-to-minute lives, and its real-time at-will ability to deny access to whatever it chooses, whenever it chooses, and for whoever it chooses. In any combination.
Dystopia is here.
In my opinion, this is terrifying.
We need: Third party attestation, providable by anyone/entity meeting basic openly-defined criteria, limited to age attestation only, implemented with Zero Knowledge Proofs, to create a safe anonymous (unsurveiled/no personalized denials) alternative, to take the wind out of the sails of this constant governmental power grab. If it isn't solved by security minded technologists and the marketplace, the freedom destroying version will prevail - and it won't be undone.
> Once adult sites adopt the system, it will creep over to any site wanting to limit their liability. Banks. Business services. Eventually almost everyone.
This needs more emphasis. Once we make (even zero-knowledge) proofs convenient and common, it'll spread, and soon it won't be just age that's getting assured.
Someone else in the thread asked, as others have, but most pithily
> How about not needing to do age verification?
Which I agree with. However, I think that ship is sailing. Those who care about this had better find a provider that they trust and support providers they trust, because the perfect is the enemy of the good, and without the good there'll be no way to rollback to the perfect at all.
Lots of bias in this thread. But maybe we can have a technical discussion?
I'm not into this topic, so maybe someone else can answer this: How "zero-knowledge" is this actually?
As far as I understand, there are three parties here: 1. Me, the user; 2. The site I want to access; 3. The attestor (google? my government?). What do they know about each other?
Does the site know who I am?
Does the site know who my attestor is (and therefore, for example, that it doesn't like Winnie-the-Poo memes)?
Does the attestor know what site or kind of content I want to visit (and therefore e.g. if he agrees with it)?
Does the attestor know who I am?
Do I always know who the site and attestor are, and when this proof happens?
If you are controlling the middle part of the zkp, then identification should not be possible through the zkp even if the attestor and and site collude with each other (they could maybe collude based on some other information, like IP address or browser fingerprinting, ofc).
Yeah, if the entities share data they'll share data, but ZKPs give a way to, in principle, verify that they cannot link two parts of that together by doing the verification. I'm not sure I understand your flow example though. If they ask you to enter an age, but will accept a zkp that you're over 18, then you could enter any age over 18 in the first part and they would have no way of knowing.
I tried to find something definitive, but it would take more time than I have right now.
So to some degree this is assumptions, though generalized.
* Does the site know who the user is: No. That's the entire purpose here.
* Does the site know who the attestor is: Yes, they need to validate asymmetric crypto on the proof, so they need a list of public keys (which they can attach attestor identity to).
* Does the attestor know what kind of content I want to visit: They should not. With the JWT you can validate without telling the attestor which user's proof you validate. OTOH, if there's some "is this one revoked" type of API one could easily re-introduce such an information channel on accident.
* does the attestor know who the user is: Yes (or at least have some bits of information about you they are willing to attest to others. In practice assume it's Google/Apple/MS with information associated with your account, or your bank or ...)
* Does the user always know site/attestor: From a technical perspective yes. From a practical human one... doubtful.
--Googler, though far removed from this project, so no internal knowledge.
I'm not an expert either, but i've studied it a little and tried some of these stuffs.
First, the attestor is not google. Google here only provides the infra (to generate proof and verify them). Let's call the attestor the issuer, and it's the trusted authority that gives you a proof of identity.
A possible flow is:
1. (pre-req) Some issuer (a state, bank, mobile operator, etc.) issues a signed credential to my wallet (stored on my phone, for instance). This could be a full digital ID, or a narrower “proof of age” attestation.
2. Later, a site asks my browser for a proof that I satisfy some predicate, e.g. age >= 18. The site provides the "zk-program" (circuit) that needs to be executed, and awaits for proof (which are essentially proof of executions of the program on trusted yet undisclosed inputs).
3. My phone generates (ideally locally, but not ready today yet) a ZK proof that it knows a valid issuer-signed credential whose hidden attributes satisfy that predicate. Essentially, it is executing the circuit with some inputs (some are public, like public key of issuers, some of private, like the issued ID)
4. The site verifies the proof against public inputs: the issuer public key, the circuit being used, the predicate being requested, and a fresh nonce/challenge.
So to answer some of your questions.
> Does the site know who I am?
Not from the ZK proof itself, it will know who has issued your ID.
> Does the site know my attestor?
Yes, it knows their public key.
> Does the attestor know what site I am visiting?
No.
> Does the attestor know who I am?
Yes
> Do I know who the site and attestor are, and when proof happens?
I guess there are multiple possible ways to do this, depends on the UX.
I have some experience with zkp, so I’ll try to answer your question to the best off my ability. First on the terminology, the “attester” in this case I assume is whoever is anchoring the data or issued the credential you’re trying to prove. For the canonical example, let’s say you’re trying to prove age >= n via a government ID.
1. The site does not know who you are. This is the whole point. You generate a mathematical proof you possess a valid government ID that says “age >= n”
2. Yes. You are generating a zkp based on information anchored by the attester. In this case the ID issuing gov. That attester can be something other than a gov, but zkps are a bit useless if the site doesn’t know what exactly is being proved. In this case you are proving “I possess a government ID saying age >=n”. You must know about the government to care about this proof.
3. Not in this case. The attester only knows it has issued you an ID, but does not need to be further consulted. You could certainly construct a scheme such that you require a ZKP of recent written permission from some entity, but this is not inherent to ZKPs.
4. This is a UX question. If the ZK wallet and website are implemented in such a way that it’s always displayed when a credential is requested and what credential that is, then yes.
That depends on the setup but is not related to the ZKP part. “who is requesting the proof that person X has a gov ID where age >= N” is irrelevant in the context of the proof.
AFAIK, If the scheme is designed properly, then no. The attestor only knows who they have issued certificates to and the verifier only knows that they have a user that has been verified by that user. Neither the attestor or the verifier can link the two any further than that, even if they collaborate.
The attestor gives you a credential once. You can think of it as a dob (in e.g. days since 1900) with a digital signature.
Then when you want to access something age gated, you locally generate a proof that says “I have a credential signed by X, with DoB N, and N < CutOff date” where X and the CutOff date are public but the credential and the value N are hidden through the ZkP.
The attestor isn’t involved so doesn’t learn anything. The Verifier only learns the public information, and generally won’t be able to tell if two proofs are made with the same credential.
This is a big one, yeah. It looks like the current proposed system in the EU requires attestation that the relevant keys are stored in a certified HSM that will e.g. rate-limit the generation of keys.
61 comments
[ 1.4 ms ] story [ 89.9 ms ] threadParents should at least be able to overwrite the age of their child, maybe selectively allow bypasses. My experience with a computer would have been completely different if I was blocked from half of the internet. Especially when I see which kind of content gets blocked.
Discuss what the experience was/is to zoomers and younger, especially girls. Did you try to play a silly online game with your friends while being constantly harassed by 3-4 adult men? How many times someone offered you money (in form of “lootboxes”) to get nude pictures of you when you were severely underage? Or was on every site you visited an algorithm pushing on your face content about how you should embrace anorexia, start gambling on what Trump says on TV, use drugs, or simply do a suicide?
Hey fellow unc’s, we really need to stop nostalgising on the computer childhood of our youth and listen to the kids (as well as a bunch of research on the topic) and face the fact that the internet of the friendly geeks and nerds of the yesterday does not exist anymore. Things have to change, if we want to have any kind of working society left whatsoever.
This is a huge shift that cannot be rectified by simple age filters.
Being realistic about the problem requires being realistic about ill-conceived solutions with conspicuous benefits for commercial actors.
Besides an array of largely static, non-interactive websites, there is no hard line between content that is suitable for young eyes and not.
The fact is that we as a society have so far put the convenience and entertainment of adults before well-being of children and others, who are in the most weakest position.
I get that ZK techniques work, and reveal "nothing". That's useful.
But if they reveal nothing, isn't it wide open for abuse? Couldn't one over-18-person's proof become everyone's proof, because they can't tell it's the same proof, and the issuer can't tell where or how often the proof is being used? Or are there ways to construct data leaks that are not user-identifying but are abuse-identifying (and what would that even mean)?
When not doing privacy oriented cryptocurrency (cough money laundering cough) with ZKP's, if you really want private verification you are in a position where a single actor can authenticate the entire world and no one will know it happened. And to prevent it you assemble the pieces necessary to deanonymize anyone.
Make no mistake. ZKP age verification, as proposed, will just require multiple parties to collude to figure out your identity.
They can't even implement ZKP for remote attestation due to the auth-the-world problem.
And does it make sense that at least some people do want your identity before interacting with you?
It's moving the goal post from one entity to another.
You can also fake it by letting someone else solve it for you.
I'm afraid "age assurance" has nothing to do with "the children".
I'm not a fan of technology fixes for social problems but i do think this may be in the sweet spot.
I see a lot of people here don't agree. I think they may not appreciate quite how concerned a lot of the community is about the effects of networked communication on minors. I'm not here to change people's minds, but this isn't a US problem it's a global one, and US constitutional rights views do not predominate worldwide.
Google has more customers outside the US than inside, and has more business with entities subject to non US laws than solely US domiciled entities.
Once adult sites adopt the system, it will creep over to any site wanting to limit their liability. Banks. Business services. Eventually almost everyone.
Liability the government will dramatize and escalate. You won't see the government pass any laws to create age-liability safe harbors.
Wikipedia is already being forced to fight to not implement age verification. Age verification managed by the government = No Wikipedia access without individually tracked, controlled and revokable government permission. [0]
Seldom has a slippery slope been so slippery.
The distance between government controlled per-citizen access to obviously adult sites, and government permissioned/controlled access to any site of substance, does not even involve a technical hurdle. It just becomes a site adoption curve. Every adoption increasing the scope of real-time government surveillance in our minute-to-minute lives, and its real-time at-will ability to deny access to whatever it chooses, whenever it chooses, and for whoever it chooses. In any combination.
Dystopia is here.
In my opinion, this is terrifying.
We need: Third party attestation, providable by anyone/entity meeting basic openly-defined criteria, limited to age attestation only, implemented with Zero Knowledge Proofs, to create a safe anonymous (unsurveiled/no personalized denials) alternative, to take the wind out of the sails of this constant governmental power grab. If it isn't solved by security minded technologists and the marketplace, the freedom destroying version will prevail - and it won't be undone.
[0] https://www.eff.org/deeplinks/2025/07/we-support-wikimedia-f...
This needs more emphasis. Once we make (even zero-knowledge) proofs convenient and common, it'll spread, and soon it won't be just age that's getting assured.
I wonder who or what will abuse this infrustructure when they fail.
As always with tracking, the value is in the metadata.
The knowledge if you are or are not above a certain age is already privacy invasive but not that relevant for tracking or ads.
But with ZKP at least you won't need to send your creditcard, copy of ID and address to the 3rd party to verify.
> How about not needing to do age verification?
Which I agree with. However, I think that ship is sailing. Those who care about this had better find a provider that they trust and support providers they trust, because the perfect is the enemy of the good, and without the good there'll be no way to rollback to the perfect at all.
I'm not into this topic, so maybe someone else can answer this: How "zero-knowledge" is this actually?
As far as I understand, there are three parties here: 1. Me, the user; 2. The site I want to access; 3. The attestor (google? my government?). What do they know about each other?
Does the site know who I am?
Does the site know who my attestor is (and therefore, for example, that it doesn't like Winnie-the-Poo memes)?
Does the attestor know what site or kind of content I want to visit (and therefore e.g. if he agrees with it)?
Does the attestor know who I am?
Do I always know who the site and attestor are, and when this proof happens?
the system is valid zkp but any of the services in practice can still collect personally identifiable information from their users.
There is also nothing stopping the attestor to collude with the site you want to access, to reveal information about you.
Also, nothing stops a site from having a flow like: 1. Please enter your age 2. Verify that it's correct using a proof
The zkp is valid as far as the tech is concerned but the sites can still do whatever they want.
* Does the site know who the user is: No. That's the entire purpose here.
* Does the site know who the attestor is: Yes, they need to validate asymmetric crypto on the proof, so they need a list of public keys (which they can attach attestor identity to).
* Does the attestor know what kind of content I want to visit: They should not. With the JWT you can validate without telling the attestor which user's proof you validate. OTOH, if there's some "is this one revoked" type of API one could easily re-introduce such an information channel on accident.
* does the attestor know who the user is: Yes (or at least have some bits of information about you they are willing to attest to others. In practice assume it's Google/Apple/MS with information associated with your account, or your bank or ...)
* Does the user always know site/attestor: From a technical perspective yes. From a practical human one... doubtful.
--Googler, though far removed from this project, so no internal knowledge.
First, the attestor is not google. Google here only provides the infra (to generate proof and verify them). Let's call the attestor the issuer, and it's the trusted authority that gives you a proof of identity.
A possible flow is:
1. (pre-req) Some issuer (a state, bank, mobile operator, etc.) issues a signed credential to my wallet (stored on my phone, for instance). This could be a full digital ID, or a narrower “proof of age” attestation.
2. Later, a site asks my browser for a proof that I satisfy some predicate, e.g. age >= 18. The site provides the "zk-program" (circuit) that needs to be executed, and awaits for proof (which are essentially proof of executions of the program on trusted yet undisclosed inputs).
3. My phone generates (ideally locally, but not ready today yet) a ZK proof that it knows a valid issuer-signed credential whose hidden attributes satisfy that predicate. Essentially, it is executing the circuit with some inputs (some are public, like public key of issuers, some of private, like the issued ID)
4. The site verifies the proof against public inputs: the issuer public key, the circuit being used, the predicate being requested, and a fresh nonce/challenge.
So to answer some of your questions.
> Does the site know who I am? Not from the ZK proof itself, it will know who has issued your ID.
> Does the site know my attestor? Yes, it knows their public key.
> Does the attestor know what site I am visiting? No.
> Does the attestor know who I am? Yes
> Do I know who the site and attestor are, and when proof happens? I guess there are multiple possible ways to do this, depends on the UX.
1. The site does not know who you are. This is the whole point. You generate a mathematical proof you possess a valid government ID that says “age >= n”
2. Yes. You are generating a zkp based on information anchored by the attester. In this case the ID issuing gov. That attester can be something other than a gov, but zkps are a bit useless if the site doesn’t know what exactly is being proved. In this case you are proving “I possess a government ID saying age >=n”. You must know about the government to care about this proof.
3. Not in this case. The attester only knows it has issued you an ID, but does not need to be further consulted. You could certainly construct a scheme such that you require a ZKP of recent written permission from some entity, but this is not inherent to ZKPs.
4. This is a UX question. If the ZK wallet and website are implemented in such a way that it’s always displayed when a credential is requested and what credential that is, then yes.
Can they map which places requests which person?
Then when you want to access something age gated, you locally generate a proof that says “I have a credential signed by X, with DoB N, and N < CutOff date” where X and the CutOff date are public but the credential and the value N are hidden through the ZkP.
The attestor isn’t involved so doesn’t learn anything. The Verifier only learns the public information, and generally won’t be able to tell if two proofs are made with the same credential.
https://www.youtube.com/watch?v=fOGdb1CTu5c
This video is very beautifully explains it
I just posted a general solution anyone can implement without needing Google as the trusted dealer: https://news.ycombinator.com/item?id=48760492