It is possible to construct a zero-knowledge proof using cryptography and adapting existing digital ID infrastructure. A user can prove that they have knowledge of a private key tied to an adult’s identification card without having to reveal the key, or the associated public key.
But that being said, whether something is possible and whether it is a good idea are two different questions.
I’ve never heard anyone explain how you can devise a system that is both Anonymous and immune to somebody handing out their zero knowledge proof tokens by the handful
tl;dr: The “zero knowledge” proof could have a finite number of uses per block of time for each verifier, each of which represented by a unique single-use key. This way anyone sharing keys would be limited by that finite number of uses, and if people sharing this aren’t coordinated they could end up re-using a single-use key.
If the encryption was stolen without their consent, this could tip a user off prompting them to invalidate the current set and get a new one. And if the verification is used to support a pseudonym like an account for an online service then instances of re-use could get flagged for moderators.
It is possible to construct a zero-knowledge proof using cryptography and adapting existing digital ID infrastructure. A user can prove that they have knowledge of a private key tied to an adult’s identification card without having to reveal the key, or the associated public key.
But that being said, whether something is possible and whether it is a good idea are two different questions.
I’ve never heard anyone explain how you can devise a system that is both Anonymous and immune to somebody handing out their zero knowledge proof tokens by the handful
Matthew Green the CS/cryptography professor is actively writing about this in fairly broad language https://blog.cryptographyengineering.com/2026/03/02/anonymous-credentials-an-illustrated-primer/
tl;dr: The “zero knowledge” proof could have a finite number of uses per block of time for each verifier, each of which represented by a unique single-use key. This way anyone sharing keys would be limited by that finite number of uses, and if people sharing this aren’t coordinated they could end up re-using a single-use key.
If the encryption was stolen without their consent, this could tip a user off prompting them to invalidate the current set and get a new one. And if the verification is used to support a pseudonym like an account for an online service then instances of re-use could get flagged for moderators.
This is interesting, thanks for sharing