HN Debrief

Opening up 'Zero-Knowledge Proof' technology to promote privacy in age assurance

  • Privacy
  • Security
  • Regulation
  • Infrastructure
  • Consumer Internet

Google’s post says it has open-sourced cryptographic libraries that let a person prove a narrow fact like "I am over 18" without revealing their exact birth date or identity. The basic idea is familiar from zero-knowledge proofs: an issuer such as a government or bank signs a credential once, the user keeps it in a wallet, and later a site verifies a proof derived from that credential without seeing the underlying document. That is a meaningful improvement over today’s common approaches, which often involve uploading an ID, credit card, or selfie to a website or verification vendor.

If your company may face age-check rules, start planning for user-agent or device-level controls and demand architectures where the issuer is not in the verification loop. Also treat "privacy-preserving age assurance" as only half the problem, because the enforcement layer can still become device attestation, centralized logging, or broad identity gating.

Discussion mood

Mostly skeptical and alarmed. People liked the idea of not uploading IDs to random sites, but the dominant mood was that age assurance is becoming a pretext for broader identity gating, metadata collection, and trusted-device requirements that outlive the child-safety rationale.

Key insights

  1. What a clean ZKP scheme actually hides

    A properly designed credential flow can be much narrower than many people assumed. The issuer signs a credential once, the user proves a predicate like age over 18 locally, and the verifier checks the proof without asking the issuer in real time. That means the issuer need not learn what site is being visited, even though the verifier still knows which issuer’s public key it trusts and can still correlate users through ordinary network and browser metadata.

    When evaluating vendors or standards, separate the proof protocol from the surrounding telemetry. Ask explicitly whether the issuer is online during verification, what metadata each party sees, and what correlation channels remain outside the cryptography.

      Attribution:
    • amwet #1
    • abricq #1
    • ongy #1
    • rcxdude #1
    • sizero #1
  2. Proxying pushes the system toward locked-down devices

    Age proofs are trivial to relay if users can run arbitrary software or let someone else operate the wallet on their behalf. Commenters argued that any scheme meant to resist sharing will end up relying on secure hardware, human-presence checks, remote attestation, or certified execution environments. That changes the political trade from "privacy-preserving proof" to "privacy in exchange for less software freedom" and potentially shuts out Linux, modified clients, and the open web model.

    Do not assess these systems on the cryptography alone. If the roadmap quietly requires attested hardware or approved client software, treat that as the core product decision, not an implementation detail.

      Attribution:
    • mindslight #1 #2 #3
    • rcxdude #1
    • miki123211 #1
  3. Device-level controls fit the problem better

    Several people converged on a simpler architecture. Sites publish age ratings or content flags, then the browser, operating system, or parental-control layer decides whether to block, warn, or request approval. This keeps policy on the user side, lets parents override defaults, avoids identity checks for every site visit, and matches how many existing child-safety tools already work.

    If you build consumer software, support machine-readable age labels and client-side enforcement before adding identity workflows. It is cheaper, easier to explain to regulators, and far less likely to create a lasting identity infrastructure.

      Attribution:
    • skybrian #1
    • kevincox #1
    • IshKebab #1
    • nerdsniper #1
    • mindslight #1
  4. Normalization is the bigger risk than porn gating

    The strongest civil-liberties argument was not about adult sites at all. Once a privacy-preserving proof becomes common and easy to demand, the same rails can spread to banks, forums, business tools, and knowledge sites under liability pressure. Even if the first use is narrow and anonymous, the habit of treating web access as contingent on attestations can widen far faster than the original policy promise.

    Watch for scope creep in contracts and product requirements. A narrowly justified compliance feature can become a default gate across your stack once legal, trust, or fraud teams realize the plumbing already exists.

      Attribution:
    • Nevermark #1 #2
    • like_any_other #1
    • jonathanstrange #1
    • brigandish #1
  5. Open source libraries do not answer the trust question

    A recurring objection was that publishing a cryptography library is not the same as proving the deployed wallet or verifier behaves privately. If Google or another wallet provider also controls the app, the dependency, or the surrounding identity service, it may still collect who is asking for proofs and where they are being used. The math can be sound while the product remains a rich metadata source.

    Audit the operational architecture, not just the protocol paper or GitHub repo. The questions that matter are who runs the wallet, who can update it, what it logs, and whether independent implementations are realistic.

      Attribution:
    • doginasuit #1 #2
    • _alternator_ #1
    • EGreg #1 #2
  6. Binary attributes still become identity when combined

    Even if each proof reveals only one coarse fact, repeated attribute checks can still narrow a person down once combined with IP address, fingerprinting, or account context. One commenter pushed back that proper ZK proofs are unlinkable by themselves, which is true at the protocol layer. The practical lesson is harsher: unlinkable proofs do not save you from the rest of the web stack doing the linking.

    Treat selective disclosure as a reduction in blast radius, not as anonymity by itself. If you care about privacy outcomes, pair it with anti-fingerprinting, minimal logging, and strict limits on what predicates services are allowed to request.

      Attribution:
    • anon-3988 #1
    • onion2k #1
    • alexghr #1
    • xinayder #1
    • hashmal #1

Against the grain

  1. The child-safety problem is real even if this fix is weak

    A minority view pushed back on the reflexive libertarian tone. The open internet many adults remember is not the one children use now. Kids face harassment, manipulative recommendation feeds, gambling mechanics, sexual coercion, and products designed around extraction. From that perspective, dismissing age assurance outright ignores why these laws keep gaining support across countries, even among people who dislike the implementation.

    If you oppose age verification, pair that stance with a concrete child-safety alternative. Otherwise regulators and the public will hear a defense of the status quo, and the worst available compliance regime will keep winning.

      Attribution:
    • delis-thumbs-7e #1
    • finghin #1
    • ggm #1
  2. Anonymous credentials can address token sharing better than critics suggest

    Some of the hardest critiques assumed that a private age token would inevitably be reusable forever or easy to leak widely. Others pointed out that anonymous credential systems have known answers for replay resistance, revocation, expiry, challenge binding, and even limited double-spend detection. Those fixes are not free, but they mean the technical design space is broader than "fully anonymous and useless" versus "centralized and surveilled."

    Do not let worst-case sketches stand in for the whole field. If age assurance becomes mandatory in your market, insist on designs grounded in mature anonymous credential research rather than simplistic OAuth-style identity checks.

      Attribution:
    • Aurornis #1
    • DennisP #1
    • Nursie #1 #2
  3. A privacy-preserving compromise may be the only politically viable move

    A few commenters were blunt that telling lawmakers to drop age assurance entirely is not a strategy. Politicians want a child-protection story, and that incentive is stronger than technical objections. In that environment, offering a design that meets the political goal with fewer surveillance side effects may have more real impact than absolutist opposition.

    If you are engaging policymakers, lead with an implementable substitute rather than a pure veto. The opening is to narrow the damage, not to assume the whole issue can be wished away.

      Attribution:
    • semi-extrinsic #1
    • miki123211 #1
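
The replay resistance, expiry and challenge binding named under "Anonymous credentials can address token sharing better than critics suggest" look like this on the verifier side. This is an added example, not code from the discussion or from Google's libraries: a toy Schnorr proof of knowledge stands in for the real age-predicate proof, and the group parameters, `prove`, `Verifier` and the a.example / b.example origins are constructed for illustration.

```python
import hashlib, secrets, time

# Constructed toy Schnorr group, far too small for real use: P = 2Q + 1, G has order Q.
P, Q, G = 2039, 1019, 4

def _challenge(y, R, nonce, audience):
    # Fiat-Shamir hash: ties the proof to one verifier nonce and one origin.
    data = f"{y}|{R}|{nonce}|{audience}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def prove(x, nonce, audience):
    """Wallet side: prove knowledge of x behind y = G^x, for this challenge only."""
    r = secrets.randbelow(Q - 1) + 1
    c = _challenge(pow(G, x, P), pow(G, r, P), nonce, audience)
    return {"nonce": nonce, "c": c, "s": (r + c * x) % Q}

class Verifier:
    def __init__(self, audience, ttl=60, clock=time.time):
        self.audience, self.ttl, self.clock = audience, ttl, clock
        self.pending = {}  # nonce -> expiry time; each entry is single-use

    def new_challenge(self):
        nonce = secrets.token_hex(16)
        self.pending[nonce] = self.clock() + self.ttl
        return nonce

    def verify(self, y, proof):
        # y stands in for the public statement; a real anonymous credential
        # would not expose a stable per-user value like this.
        # pop() consumes the nonce, so a captured presentation cannot be replayed.
        expires = self.pending.pop(proof["nonce"], None)
        if expires is None:
            return "rejected: unknown or already-used nonce"
        if self.clock() > expires:
            return "rejected: challenge expired"
        # Recover the commitment R = G^s * y^-c, then re-derive the challenge
        # from this verifier's own nonce and origin.
        R = pow(G, proof["s"], P) * pow(y, -proof["c"], P) % P
        if _challenge(y, R, proof["nonce"], self.audience) != proof["c"]:
            return "rejected: proof not bound to this challenge"
        return "accepted"

def demo():
    x = 123  # constructed wallet secret
    y = pow(G, x, P)
    site_a, site_b = Verifier("https://a.example"), Verifier("https://b.example")
    proof = prove(x, site_a.new_challenge(), site_a.audience)
    relayed = dict(proof, nonce=site_b.new_challenge())  # same proof, other site
    return [site_a.verify(y, proof), site_a.verify(y, proof), site_b.verify(y, relayed)]
```

These checks refuse stored or cross-site reuse of a presentation. They do not stop a helper who operates the wallet live and answers a fresh challenge, which is the proxying concern in key insight 2.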

In plain English

browser fingerprinting
Tracking a user by combining many small browser and device characteristics into a pattern that is often unique.
issuer
The organization that creates and signs a credential, such as a government, bank, or mobile operator.
public key
The shareable half of an asymmetric cryptography key pair that others use to verify signatures or proofs.
remote attestation
A way for a device to prove to a service that it is running approved hardware or software that has not been modified.
verifier
The website or service that checks whether a proof is valid.
wallet
Software, often on a phone, that stores digital credentials and generates proofs from them.
ZKP
Short for zero-knowledge proof, a cryptographic proof that reveals only the fact being proven and not the hidden data behind it.
