this post was submitted on 26 Nov 2025
133 points (99.3% liked)


To be clear, I'm not advocating for online age verification. I'm very much against it in any form. I'm just curious from a technical standpoint if it's possible somehow to construct an accurate age verification system that doesn't compromise a user's privacy? i.e., it doesn't expose the person's identity to anyone nor leave behind a paper trail that can be traced to that person?

[–] SorteKanin@feddit.dk 99 points 1 day ago (6 children)

In principle it should be possible to do a zero-knowledge proof.

This means that the website asking for age verification asks a yes/no question like "Is this user 18+?" and the age verification service (like a digital ID provided by the government or whatever) answers "yes" or "no" accordingly, but without telling anything else about the user. Also, the verification service should ideally not know who asked for the age verification.

So the site you want to visit only knows the thing they need to know: Whether you are 18+ or not. Nothing else. And the age verification service only knows somebody asked for age verification and provided the answer, but does not know which site you visited.

This is all possible, but I don't have high hopes this is the intended implementation of any government seeking age verification, so don't get your hopes up.

[–] birdwing@lemmy.blahaj.zone 20 points 1 day ago (1 children)

The one who asked the verification service also shouldn't know who the verification service is, imho.

[–] SorteKanin@feddit.dk 24 points 1 day ago (1 children)

I'm not sure that is feasible, because in order to trust the answer, I feel the asker must know and trust the one providing the answer. It sounds like you're imagining a system with many different ID providers? What prevents me from creating my own provider that just answers "Yes", even for people under 18? If the site asking does not know it is my fake ID service providing the answer, I'm not sure they can trust any answer.

But I won't pretend to be an expert on this topic, so perhaps it is feasible somehow.

[–] halcyoncmdr@lemmy.world 6 points 22 hours ago

the asker must know and trust the one providing the answer.

This is possible if there's a central authority for that that everyone can agree to trust, like the government records directly. The issue is ensuring the rest of the chain remains anonymous so the only thing the authority gets is the request that an undisclosed service is verifying John Doe is 18+ and nothing else. And that's not something many governments are going to want to allow with the increasingly alarming amount of authoritarian leadership.

[–] chicken@lemmy.dbzer0.com 15 points 23 hours ago (1 children)

There are some pretty strong arguments that even zk proof is a flawed way of preserving privacy though, in a variety of ways. It prevents pseudonymity by enabling one-user-one-account, and it leaves users vulnerable to being coerced to reveal their full online activities by handing over cryptographic keys.

[–] Wren@lemmy.today 9 points 22 hours ago (1 children)

Got ready to read some bullshit,

Vitalik Buterin

nevermind. But damn, what a great read. I haven't given much thought to on-chain ID in years and he lays it out pretty well. Still sounds like encrypted tokens are the way to go, but we all need to have multiple forms for it to protect anonymity.

[–] chicken@lemmy.dbzer0.com 5 points 21 hours ago (1 children)

If there's one person who knows their applied zk proofs, it's that guy.

[–] quick_snail@feddit.nl 2 points 8 hours ago

Not monero or zcash devs?

[–] AtHeartEngineer@lemmy.world 3 points 11 hours ago* (last edited 11 hours ago)

I worked in this field for 3 years, a lot of the core parts are written, but there are a few key pieces missing and no one has taken it to real production.

You can use a passport in pretty much any country and prove you're over a certain age. Here is a demo: https://github.com/dog-18/dog18

The parts that are missing are primarily around making secure nullifiers, which prevents someone from reusing identities, but also without revealing any private information. We were pursuing research that allowed nullifier generation in MPC where none of the servers or the users knew the "salt" that their identity was hashed with, so no one could recover the original piece of unique data (like their passport number, even if a govt had a hunch about which passports signed up to a service) but it would also prevent them from signing up with multiple accounts. We got our funding cut pretty bad and management was a mess, so I left and that research I think was shut down. This really is the key part to actually make that viable in the real world though. It's maybe a year worth of research and a year worth of production left to make that practical.
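
An added sketch (not from the thread, and not the commenter's research design) of the nullifier idea in the comment above: two hypothetical key servers each hold one share of the secret "salt", the user blinds the identity before sending it, and the service stores only a per-service nullifier. The group (integers modulo the Mersenne prime 2^127 - 1), the names `KeyServer`, `derive_nullifier` and `Service`, and the passport-style strings are constructed for illustration, and the parameters are toy-sized.

```python
import hashlib
import math
import secrets

P = 2**127 - 1        # toy prime modulus (a Mersenne prime), not a production group
ORDER = P - 1         # exponents are taken modulo the order of the group


def hash_to_group(identity: str) -> int:
    """Map an identity string (e.g. a passport number) to an element in [2, P-1]."""
    digest = hashlib.sha256(identity.encode()).digest()
    return int.from_bytes(digest, "big") % (P - 2) + 2


def random_unit() -> int:
    """Random exponent that is invertible modulo ORDER."""
    while True:
        k = secrets.randbelow(ORDER - 2) + 2
        if math.gcd(k, ORDER) == 1:
            return k


class KeyServer:
    """Holds one multiplicative share of the salt; only ever sees blinded elements."""

    def __init__(self):
        self._share = random_unit()
        self.seen = []                      # everything this server could log

    def evaluate(self, element: int) -> int:
        self.seen.append(element)
        return pow(element, self._share, P)


def derive_nullifier(identity: str, service: str, servers) -> str:
    """User side: blind, pass through every server, unblind, scope to one service."""
    r = random_unit()
    x = pow(hash_to_group(identity), r, P)  # blinded: servers cannot see the identity
    for server in servers:
        x = server.evaluate(x)              # combined salt = product of all shares
    x = pow(x, pow(r, -1, ORDER), P)        # remove the blinding factor
    return hashlib.sha256(f"{service}|{x}".encode()).hexdigest()


class Service:
    """A website that stores nullifiers only, never the identity itself."""

    def __init__(self, name: str):
        self.name = name
        self.nullifiers = set()

    def sign_up(self, nullifier: str) -> bool:
        if nullifier in self.nullifiers:
            return False                    # same identity already has an account
        self.nullifiers.add(nullifier)
        return True


if __name__ == "__main__":
    servers = [KeyServer(), KeyServer()]
    site = Service("site-a.example")        # constructed service name
    n1 = derive_nullifier("P1234567", site.name, servers)   # constructed passport no.
    print(site.sign_up(n1))                                  # first account
    print(site.sign_up(derive_nullifier("P1234567", site.name, servers)))  # duplicate
```

The same identity always maps to the same nullifier on one service and to an unrelated one on another, while each server holds only its own share and sees only blinded values.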

[–] quick_snail@feddit.nl 2 points 8 hours ago (1 children)

Does that mean the government sees all the sites I've visited?

[–] SorteKanin@feddit.dk 3 points 7 hours ago

No, that's what I wrote as well. The identity service would not know what sites were visited or ideally not even how many sites were visited.

[–] perviouslyiner@lemmy.world 1 points 1 day ago (2 children)

doesn't this just raise the authentication requirements? like in the UK we got added checks for who could work, and lots of deliveroo drivers shared the login + password of someone they knew who was verified.

[–] Hoimo@ani.social 2 points 3 hours ago

You could make it single-use tokens and rate limit individual users when they request too many tokens in a short time. Someone could still share their tokens with a friend, but it doesn't scale to where thousands are verifying with some stranger's id.

[–] Beacon@fedia.io 1 points 1 day ago

I think it should be easy to identify when an account is being shared. For example if it's used from different IP addresses within a short amount of time.

[–] Strider@lemmy.world 1 points 15 hours ago

Indeed, technologically it is absolutely possible in multiple ways.

But the tempting possibilities of doing more than that are just too great.

[–] Zachariah@lemmy.world 37 points 22 hours ago* (last edited 22 hours ago) (1 children)

Even if it works, it’s a solution without a problem. If I can afford internet access, I am mature enough to see anything on the internet, and I am mature enough to decide which users can access my internet-connected network and whether they can have access to the whole internet. That’s all the age verification needed ever.

The request for age verification by each website is purely about unnecessary control and censorship.

[–] quick_snail@feddit.nl 1 points 8 hours ago* (last edited 8 hours ago) (1 children)

Internet access is like $1 in most countries (Sim card data).

I don't know about you, but the tooth fairy gave me enough money to pay for internet access before my skull was old enough to finish growing adult teeth...

[–] Zachariah@lemmy.world 2 points 4 hours ago

And you had the capacity to pay for internet access?

[–] ininewcrow@lemmy.ca 34 points 1 day ago (2 children)

The problem is not the system or the idea of age verification

The problem is that no one on earth can be trusted with that level of monitoring, control and power.

[–] edgemaster72@lemmy.world 10 points 1 day ago (2 children)

Nah you can totally trust me, I'm too lazy to do anything nefarious

[–] original_reader@lemmy.zip 7 points 1 day ago

Wait until you have that power and you're made offers that are hard to resist.

[–] ininewcrow@lemmy.ca 7 points 1 day ago (1 children)

Great! .... the solution to our problems ... let's all trust edgemaster72

[–] edgemaster72@lemmy.world 9 points 1 day ago* (last edited 1 day ago) (2 children)

Oh, oh shit, this has backfired massively, I didn't think anyone would go along with it, that's way too much responsibility

[–] some_kind_of_guy@lemmy.world 5 points 18 hours ago

This is precisely what the chosen one would say!

[–] AtHeartEngineer@lemmy.world 3 points 11 hours ago (1 children)

You definitely can do this with cryptography, it's a really hard problem, but I worked in this space for a number of years, it's possible.

[–] ininewcrow@lemmy.ca 1 points 9 hours ago (1 children)

Like I implied, the problem isn't the HOW to do it.

The problem is in giving any one person, government, corporation or company this amount of power and control.

And because it's so powerful, no one who had it would want to give up control by making it anonymous or in objectively protecting privacy for the user.

[–] AtHeartEngineer@lemmy.world 3 points 8 hours ago

Right, I understand that perspective, but there is a way to do this with multi-party computation and some other cryptography where no one would have the actual power/be able to see the data/have control. The main issue is it's expensive to run and no one would be incentivized to run it.

[–] DeathByBigSad@sh.itjust.works 15 points 1 day ago* (last edited 1 day ago) (1 children)

It's possible.

Open source front-interfacing app + a secure element thing in the background.

You download an app. You verify your identity, then the app sets up an OTP thing with the shared secret seed lasting for 30 days. But every 30 seconds the OTP changes. Everyone doing a verification in these 30 days gets the same exact secret seed.

The seed hides in the secure element of your device. (it won't be impossible to extract, but the average kid is not gonna be able to hack a secure element) Every 30 seconds, it releases the new OTP to the Open source app. The app doesn't connect to the internet once the OTP has already been set up. So nobody knows if you actually view the OTP code.

So the government only knows you have the verification OTP set up not which websites you visited, the website only knows you have a valid OTP from the government, but you could be any of the people in the past 30 days (which the company doesn't even have access to).

Even if the company and government cooperate, they could only pin down the time of website registration and that you are one of the millions of people that did the verification and requested an OTP seed.

(Idk the exact terminology for these things, but hopefully I make sense)

[–] anton@lemmy.blahaj.zone 4 points 1 day ago

The seed hides in the secure element of your device. (it won't be impossible to extract, but the average kid is not gonna be able to hack a secure element).

But only one person needs to "hack" it on their device to publish the key, allowing everyone to use it without "hacking" their own device.

You can't store a key on a device and keep it safe from the owner.
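
The shared-seed OTP idea and the objection in the reply above, as an added example (not code from either commenter). It implements RFC 6238 TOTP and assumes the website can check codes against the same seed; `Device`, `site_accepts` and `who_could_have_sent` are hypothetical names, and the seed is the RFC's published test value.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per code, as in the comment


def totp(seed: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP with HMAC-SHA1 and dynamic truncation (RFC 4226)."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10**digits).zfill(digits)


def site_accepts(seed: bytes, code: str, now: int, drift_steps: int = 1) -> bool:
    """Website check: accept the current code plus or minus a small clock drift."""
    return any(
        hmac.compare_digest(totp(seed, now + k * STEP), code)
        for k in range(-drift_steps, drift_steps + 1)
    )


class Device:
    """A phone whose secure element holds the seed shared by everyone enrolled."""

    def __init__(self, owner: str, seed: bytes):
        self.owner = owner
        self._seed = seed

    def current_code(self, now: int) -> str:
        return totp(self._seed, now)


def who_could_have_sent(code: str, devices, now: int):
    """What the site (or the issuer) can infer from a code: the whole enrolled set."""
    return sorted(d.owner for d in devices if d.current_code(now) == code)


if __name__ == "__main__":
    seed = b"12345678901234567890"            # RFC 6238 test seed, not a real secret
    now = 1111111109
    enrolled = [Device("alice", seed), Device("bob", seed)]
    # A device that never went through verification but holds a copy of the seed
    # is indistinguishable from an enrolled one.
    copy = Device("unverified copy", seed)
    code = enrolled[0].current_code(now)
    print(code, site_accepts(seed, code, now))
    print(who_could_have_sent(code, enrolled + [copy], now))
```

Because every holder of the seed produces the same code, the code carries no identity, and for the same reason the site cannot tell an enrolled device from any other copy of the seed.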

[–] ameancow@lemmy.world 11 points 10 hours ago* (last edited 10 hours ago)

In my ideal world, it's not an issue because parents don't let kids under a certain age or demonstrated maturity level have computers in their room alone, and even better, they teach their kids how to not have problems with predators, porn, and the deluge of online weirdness and have open, honest talks about how some things are dangerous because they prey on you, some things are dangerous because they get you hooked on certain feelings, and some things are dangerous because they give you false impressions of the world and relationships.

We're about as close to that world as interstellar exploration, I know. Imagine having parents who you don't feel afraid to talk to about mature topics and personal matters.

And all that aside, why is it such a big deal that kids not see boobs but they can see violence and gore? Why is it magically okay for Timmy Neckbeard to watch strangle-fetish porn night and day as soon as he turns 18? Why do we scream about how porn is ruining kids minds but we're not taking down the grifting "masculinity influencers" with as much zeal as we're going after pornhub and other sites that are mostly just consenting adults doing fun biological acts together? Why do we say porn companies are evil and not do anything to make it less evil like better regulations and resources since we know people are going to find ways to make and view it anyway? (These aren't questions for Lemmy but I would sure love to see communities start asking these questions to their elected representatives.)

Our species' obsession with clear lines and labels is making us ignore where the actual problems are, we build fences around the outcomes not the sources. We create solutions to problems we don't even want to look at directly. It's like the government handing out umbrellas to combat the issue with the massive water main leak flooding the street.

[–] blaggle42@lemmy.today 10 points 10 hours ago (1 children)

Yes. Look up "zero knowledge proofs"

[–] blaggle42@lemmy.today 13 points 10 hours ago (1 children)

I mean "no, look up zero knowledge proofs"

[–] Nighed@feddit.uk 7 points 1 day ago* (last edited 1 day ago) (1 children)

The government knows who you are. They know your age, your address and know you exist (probably).

You go to a site that requires age verification. You say: please verify me with the government portal. You go to that portal to get a temporary id code to give to the site. The website says to the gov portal give me the name and age of the user with this temp ID. You approve that access. Portal sends age (or an is over 16/18/21 etc flag) to the site.

  • Gov portal doesn't need to know who the site is.
  • You don't provide a unique ID to the website, just a temporary one.
  • as if codes are temporary, you must have access to the id/login now, not just at some point
  • Site only gets the data you approve/it requested, not everything.

The process can do with some streamlining, but should work in practice?

[–] AtHeartEngineer@lemmy.world 2 points 11 hours ago

Ya you could definitely do this way too. There is a standard that Google came up with called private state tokens that would allow you to do this in a pretty clean way, if you were cool with using your government's portal.

Essentially you would login to the govt portal, they would issue you some limited set of tokens (let's say 5) that would expire after 30 days. You would go to an age restricted website and sign up and that would "burn" a token.

You could use ZK on top of this to make sure that the same email address or some other "nullifier" piece of information was used, to prevent an 18 yo kid from selling their tokens to 17 yos.
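
An added example (not part of the thread) of the token flow discussed in this comment and in the earlier replies about a yes/no answer and single-use, rate-limited tokens. It substitutes textbook RSA blind signatures with a toy key for the Private State Tokens protocol; the `Issuer`, `Wallet` and `Site` classes, the user names and the birthdates are constructed, and token expiry is not modelled.

```python
import hashlib
import math
import secrets
from datetime import date

# Toy RSA key built from two Mersenne primes: far too small for real use.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))            # issuer's private exponent


def h(token: bytes) -> int:
    """Hash a token into the RSA message space."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N


class Issuer:
    """Government portal: knows who you are, signs only blinded values."""
    MAX_TOKENS = 5                            # per-user limit from the comment

    def __init__(self, birthdates):
        self.birthdates = birthdates
        self.issued = {}
        self.seen = []                        # everything the issuer could log

    def sign_blinded(self, user: str, blinded: int, today: date):
        dob = self.birthdates[user]
        age = today.year - dob.year - ((today.month, today.day) < (dob.month, dob.day))
        if age < 18 or self.issued.get(user, 0) >= self.MAX_TOKENS:
            return None
        self.issued[user] = self.issued.get(user, 0) + 1
        self.seen.append((user, blinded))
        return pow(blinded, D, N)


class Wallet:
    """User side: creates the token and hides it from the issuer."""

    def request_token(self, issuer: Issuer, user: str, today: date):
        token = secrets.token_bytes(16)
        while True:
            r = secrets.randbelow(N - 2) + 2
            if math.gcd(r, N) == 1:
                break
        blinded = (h(token) * pow(r, E, N)) % N
        blind_sig = issuer.sign_blinded(user, blinded, today)
        if blind_sig is None:
            return None
        return token, (blind_sig * pow(r, -1, N)) % N   # unblinded signature


class Site:
    """Age-restricted website: checks the issuer's signature, burns the token."""

    def __init__(self):
        self.spent = set()

    def redeem(self, token: bytes, sig: int) -> bool:
        if pow(sig, E, N) != h(token) or token in self.spent:
            return False
        self.spent.add(token)
        return True


if __name__ == "__main__":
    today = date(2025, 11, 26)
    issuer = Issuer({"alice": date(1990, 1, 1), "bob": date(2010, 6, 1)})  # constructed
    token, sig = Wallet().request_token(issuer, "alice", today)
    site = Site()
    print(site.redeem(token, sig), site.redeem(token, sig))   # accepted, then burned
```

The spent-token set here is local to one site; stopping reuse of the same token on a second site needs a shared redemption check, which this sketch does not model.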

[–] birdwing@lemmy.blahaj.zone 7 points 1 day ago* (last edited 1 day ago)

Zero-knowledge proof. Medium has a practical example, though unfortunately the article logs user data, so beware on that.

[–] Modern_medicine_isnt@lemmy.world 6 points 6 hours ago (1 children)

Nope, you always need a middle man to do the verification. That middle man has too much information.

Also, if you could solve for the middle man, there is no way to know the user belongs to the ID. It can easily be stolen.

[–] dickalan@lemmy.world -2 points 2 hours ago (1 children)

I figured you were wrong so I asked an AI and it confirmed what the people below you were saying, you really do seem to be talking straight out of your ass

Yes, it is technically possible to build an accurate, high-confidence age-verification system that does not compromise privacy in the traditional sense (i.e., no central database of IDs, no name/address/DOB stored by the site, no paper trail that can be subpoenaed or leaked). The core tool that makes this feasible is zero-knowledge proofs (ZKPs), specifically age-based ZK proofs.

How a privacy-preserving age check actually works in 2025

  1. User proves age to a trusted credential issuer once
    • Government digital ID (e.g., EU eIDAS wallet, some U.S. mobile driver’s licenses, Yoti, ID.me, etc.)
    • The issuer cryptographically signs a statement like “This private key belongs to someone born before 2007-11-27” without ever revealing the exact birthdate.
  2. User generates a zero-knowledge proof
    • Using their phone or browser, they create a proof that says:
      “I have a valid credential signed by [Trusted Issuer] that confirms I am 18+ (or 21+).”
    • Nothing else is revealed: no name, no exact age, no birthdate, no issuer identity if you want to go fully anonymous.
  3. Website verifies the proof in <1 second
    • The site checks the cryptographic signature and that the policy (“18+”) is satisfied.
    • It learns literally nothing else about the person.

Real-world implementations that already exist or are in late-stage pilots (November 2025):

  • Worldcoin’s World ID “age 18+” orb-verified credential + ZK proof
  • Polygon ID / zkBridge systems used by some adult sites
  • SpruceID + Ethereum Attestation Service kits
  • Gitcoin Passport + ZK age attestations
  • Proof-of-Humanity + age minimum circuits
  • Yoti + ZK prototype (demoed 2024–2025)

Remaining practical hurdles (why it’s not universal yet)

  • User has to have a compatible digital credential in the first place (adoption still <30% in most countries)
  • Friction: first-time setup takes 2–10 minutes instead of 3 seconds
  • Most adult sites don’t want to pay the (tiny) gas/verification fee or integrate the SDKs
  • Regulatory gray zone in some jurisdictions that still mandate “know your customer” records

Bottom line
Technically: Yes, 100% possible today with zero-knowledge age proofs.
Practically: It exists, works, and is slowly rolling out, but the porn industry and most social platforms still prefer cheap/frictionless (but privacy-invasive) methods or just do nothing.

So the top reply in your screenshot (“you always need a middle man with too much information”) is outdated — cryptography has already solved the “middle man” problem. The real blocker now is deployment inertia, not theory.

[–] Modern_medicine_isnt@lemmy.world 1 points 22 minutes ago

Read back what you wrote. Your first line was about a trusted credential provider. That's a middle man. Then you talk about creating a proof. Guess what, that phone and browser are known to spy on you excessively. That's another middle man. And odds are that same phone or browser is what you will use to access something that needs the verification. So the same phone or browser has all parts of the information.
And of course it's pointless because anyone could steal an ID and get themselves a key. Or steal your phone... so it wouldn't even prove anything.

[–] daniskarma@lemmy.dbzer0.com 5 points 14 hours ago* (last edited 14 hours ago)

It's possible with certificates and 2FA issued by a government, which already has all your data, that would only verify that you are over 18.

We already have that in Spain, sort of. We have a government app where you have a digital ID stored and you can make it create a verification QR that only shows if the user is over 18 or under 18, no more data. The QR is only active for 5 minutes.

Is it necessary? Not for internet access. That's a duty of the one paying for internet in the household, not the government. If they have underage kids under their responsibility it's their duty to make sure that they get good education about what to see and what not and restrict access if needed. Having the government universally interfere with everyone is just plain bad.

[–] pdqcp@lemmy.dbzer0.com 4 points 1 day ago

Yes, it is, see quark ID as an example of decentralized open source project by the city of Buenos Aires, in Argentina, which leverages zero knowledge proofs:

https://quarkid.org/
https://github.com/ssi-quarkid

[–] howrar@lemmy.ca 3 points 1 day ago* (last edited 1 day ago) (1 children)

Depends on how reliable you need this system to be. For example, do you need to handle the scenario where an adult verifies their age to access a website, then lets a minor use that website in their place? That would be a much harder problem to solve than if you just need to verify that an adult was present on the other end at one point in time. For the latter, device-based age verification seems to be trivial to set up from a technical standpoint while fulfilling that criterion.

[–] UsedCumSock@sh.itjust.works 3 points 1 day ago (1 children)

  1. Sign up for age verification platform and upload your government ID on the platform (let's call this platform Age Verifier).
  2. Age Verifier confirms you're an adult, and lists you as an adult in their system.
  3. Age Verifier purges your government ID and any PII on you. The only thing they keep is your basic account details and the fact that they've confirmed you're an adult.
  4. The next time you login to an adult site, you verify yourself by logging into Age Verifier's platform. The adult site confirms with Age Verifier that you're an adult, and you're good to go.

This system probably works, but it's not without its downsides. We'll need a way to confirm that your government ID and PII is actually deleted on Age Verifier's platform. A way to deal with this might be to make sure Age Verifier is never driven by profit so they'll never need to look into selling people's data. Maybe it could be run by a non-profit? Or perhaps it can be run by the government? But if you don't trust the government, that could be an issue.

And I can also see an issue where one guy who keeps creating different Age Verifier accounts, verifying that the account is an adult, and then selling that account to people.

[–] xavier666@lemmy.umucat.day 3 points 18 hours ago* (last edited 18 hours ago)

We’ll need a way to confirm that your government ID and PII is actually deleted on Age Verifier’s platform.

IMO this is the hardest part to ensure in a transparent manner.

And I can also see an issue where one guy who keeps creating different Age Verifier accounts, verifying that the account is an adult, and then selling that account to people.

The token needs to be time and device sensitive. Should be possible via a hash

[–] quick_snail@feddit.nl 2 points 8 hours ago

Yes, but your government doesn't want that.

[–] Archangel1313@lemmy.ca 2 points 1 day ago (1 children)

It's only possible as long as you trust the people you're giving your information to. So...no.

[–] AtHeartEngineer@lemmy.world 1 points 10 hours ago

Not true, there are ways to do this privately with cryptography

[–] AtHeartEngineer@lemmy.world 1 points 10 hours ago

If anyone is doing actual work trying to solve this please DM me, I'm interested in helping.