The scheme from the Danish government, shared in another comment, avoids the sharing by allowing token to be used only once, and, because the government issues the tokens, it can block people from getting tokens if they detect abuse. This can be done by rate-limiting, geoblocking and all sorts of techniques.
Remember that the function of the anonymous token is to not allow the service provider (like an OS, or a a website) to see your identity. This still allows the government to see which service provider you are using.
Hopefully the service provider can form pools yo block the government from knowing each individual website, but that’s not a given.
This still allows the government to see which service provider you are using.
That was a poor choice then. They can do this with ZKP and not even know that.
Like it should be doable where sure the website might ask the government if its valid, but the government doesnt know who owns the token, so all they know is someone accessed the site, not who. So they could know general traffic to sites, but that would be it.
There would be ways to hide even the site as well where the website gives you a non identifying token to use with yours and be verified by the government as well, then they only know some site is requesting verification and sign it back to you as valid and you return it to the site. In this one the government only knows your using it, but not where.
Edit: clarity, but also if they put this much effort into the system using ZKP, this oversight almost sounds intentional so they can track people / population usage even if less.
Edit: 10 years from now - our age restriction service shows traffic to porn hub increased 10x over the past decade while poverty has increased! PornHub is clearly the cause of our poverty situation we should ban it! The traffic is too high! A bit over the top, but the info is still useful to them.
The scheme from the Danish government, shared in another comment, avoids the sharing by allowing token to be used only once, and, because the government issues the tokens, it can block people from getting tokens if they detect abuse. This can be done by rate-limiting, geoblocking and all sorts of techniques.
Remember that the function of the anonymous token is to not allow the service provider (like an OS, or a a website) to see your identity. This still allows the government to see which service provider you are using.
Hopefully the service provider can form pools yo block the government from knowing each individual website, but that’s not a given.
That was a poor choice then. They can do this with ZKP and not even know that.
Like it should be doable where sure the website might ask the government if its valid, but the government doesnt know who owns the token, so all they know is someone accessed the site, not who. So they could know general traffic to sites, but that would be it.
There would be ways to hide even the site as well where the website gives you a non identifying token to use with yours and be verified by the government as well, then they only know some site is requesting verification and sign it back to you as valid and you return it to the site. In this one the government only knows your using it, but not where.
Edit: clarity, but also if they put this much effort into the system using ZKP, this oversight almost sounds intentional so they can track people / population usage even if less.
Edit: 10 years from now - our age restriction service shows traffic to porn hub increased 10x over the past decade while poverty has increased! PornHub is clearly the cause of our poverty situation we should ban it! The traffic is too high! A bit over the top, but the info is still useful to them.