To be clear, I’m not advocating for online age verification. I’m very much against it in any form. I’m just curious from a technical standpoint if it’s possible somehow to construct an accurate age verification system that doesn’t compromise a user’s privacy? i.e., it doesn’t expose the person’s identity to anyone nor leaves behind a paper trail that can be traced to that person?

  • dickalan@lemmy.world
    24·
    3 hours ago

    I figured you were wrong so I asked an AI and it confirmed what the people below you were saying, you really do seem to be talking straight out of your ass

    Yes, it is technically possible to build an accurate, high-confidence age-verification system that does not compromise privacy in the traditional sense (i.e., no central database of IDs, no name/address/DOB stored by the site, no paper trail that can be subpoenaed or leaked). The core tool that makes this feasible is zero-knowledge proofs (ZKPs), specifically age-based ZK proofs.

    How a privacy-preserving age check actually works in 2025

    1. User proves age to a trusted credential issuer once
      • Government digital ID (e.g., EU eIDAS wallet, some U.S. mobile driver’s licenses, Yoti, ID.me, etc.)
      • The issuer cryptographically signs a statement like “This private key belongs to someone born before 2007-11-27” without ever revealing the exact birthdate. User generates a zero-knowledge proof
      • Using their phone or browser, they create a proof that says:
        “I have a valid credential signed by [Trusted Issuer] that confirms I am 18+ (or 21+).”
      • Nothing else is revealed: no name, no exact age, no birthdate, no issuer identity if you want to go fully anonymous. Website verifies the proof in <1 second
      • The site checks the cryptographic signature and that the policy (“18+”) is satisfied.
      • It learns literally nothing else about the person.

    Real-world implementations that already exist or are in late-stage pilots (November 2025):

    • Worldcoin’s World ID “age 18+” orb-verified credential + ZK proof
    • Polygon ID / zkBridge systems used by some adult sites
    • SpruceID + Ethereum Attestation Service kits
    • Gitcoin Passport + ZK age attestations
    • Proof-of-Humanity + age minimum circuits
    • Yoti + ZK prototype (demoed 2024–2025)

    Remaining practical hurdles (why it’s not universal yet)

    • User has to have a compatible digital credential in the first place (adoption still <30% in most countries)
    • Friction: first-time setup takes 2–10 minutes instead of 3 seconds
    • Most adult sites don’t want to pay the (tiny) gas/verification fee or integrate the SDKs
    • Regulatory gray zone in some jurisdictions that still mandate “know your customer” records

    Bottom line
    Technically: Yes, 100% possible today with zero-knowledge age proofs.
    Practically: It exists, works, and is slowly rolling out, but the porn industry and most social platforms still prefer cheap/frictionless (but privacy-invasive) methods or just do nothing.

    So the top reply in your screenshot (“you always need a middle man with too much information”) is outdated — cryptography has already solved the “middle man” problem. The real blocker now is deployment inertia, not theory.

    • Modern_medicine_isnt@lemmy.world
      2·
      1 hour ago

      Read back what you wrote. Your first line was about a trusted credential provider. Thats a middle man. Then you talk about creating a proof. Guess what, that phone and browser are known to spy on you excessively. That’s another middle man. And odds are that same phone or browser it what you will use to access something that needs the verification. So the same phone or browser has all parts of the information.
      And of course it’s pointless because anyone could steal an ID and get themselves a key. Or steal your phone… so it wouldn’t even prove anything.