
70 points jwally | 2 comments

So I'm not an expert in this area, but here's an attempt at a cost-effective, anonymous age verification flow that probably covers ~70% of use cases in the United States.

The basic premise is to leverage your bank (who has already had to perform KYC on you to open an account) to attest to your age for age-restricted merchant sites (pornhub, gambling, etc.) without sharing any more information than necessary.

Flow works like this:

1) You go to gambling.com

2) They request you to verify your age

3) You choose "Bank Verification"

4) You trigger a WebAuthn Credential Creation flow

5) gambling.com gives you a string to copy

-------------

6) You log into your bank

7) You go to bank.com/age-verify

8) You paste in the string you were given

9) The bank verifies it/you and creates a signed payload with your age-claims (over_18: true, over_21: false)

10) You copy this and go back to gambling.com

---------------

11) You paste the string back into gambling.com

12) You perform WebAuthn Auth flow

13) gambling.com verifies everything (signatures, webauthn, etc)

14) gambling.com sets a session-cookie and _STRONGLY_ encourages you to create an account (with a pass key). This will prevent you from having to verify your age every time you visit gambling.com

The mechanics might feel off, but it feels like this is in the neighborhood of a way to perform anonymous age verification.

This is virtually free and requires extremely light infra. Banks can be incentivized with small payments, or offer it because everyone else does and they don't want to get left behind.
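The fourteen steps above, as a runnable sketch of the protocol's moving parts (this is an added example, not jwally's code or any bank's API; the names RP, Request, Attestation, Signed, IssueRequest, BankAttest and Verify are made up for it). Ed25519 stands in both for the bank's signing key and for the WebAuthn credential key of step 4, the strings the user copies in steps 5, 9 and 11 are plain JSON, and the WebAuthn assertion of step 12 is simulated by the credential key signing the pasted attestation string. The point it adds to the step list is what each party actually checks: the RP binds its nonce to the credential hash so the bank's claims can only be redeemed by the holder of that credential, treats the nonce as single-use, and enforces an expiry, while the bank signs only the request and the claims and never learns which merchant issued the request.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Request is the string the RP hands the user in step 5: a fresh nonce and a hash of the
// WebAuthn credential public key from step 4. It names no merchant, so the bank learns nothing more.
type Request struct {
	Nonce    string `json:"nonce"`
	CredHash string `json:"cred_hash"`
	Expires  int64  `json:"exp"`
}

// Attestation is what the bank signs in step 9: the request it was shown plus the age claims.
type Attestation struct {
	Request Request         `json:"req"`
	Claims  map[string]bool `json:"claims"`
}

// Signed is the string the user carries back to the RP in steps 10 and 11.
type Signed struct {
	Payload []byte `json:"payload"` // JSON-encoded Attestation
	BankSig []byte `json:"bank_sig"`
}

var (
	ErrBankSignature = errors.New("bank signature invalid")
	ErrUnknownNonce  = errors.New("nonce unknown, expired, already redeemed, or request altered")
	ErrCredential    = errors.New("WebAuthn credential does not match the request")
)

// credHash is the binding between the RP's request and the credential created in step 4.
func credHash(pub ed25519.PublicKey) string { return fmt.Sprintf("%x", sha256.Sum256(pub)) }

// RP is the age-restricted site: it knows the bank's public key and remembers issued, unredeemed nonces.
type RP struct {
	BankPub ed25519.PublicKey
	Pending map[string]Request
}

func NewRP(bankPub ed25519.PublicKey) *RP { return &RP{BankPub: bankPub, Pending: map[string]Request{}} }

// IssueRequest implements step 5: a single-use, short-lived request bound to the credential.
func (rp *RP) IssueRequest(credPub ed25519.PublicKey, ttl time.Duration) (string, error) {
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		return "", err
	}
	req := Request{Nonce: hex.EncodeToString(raw), CredHash: credHash(credPub), Expires: time.Now().Add(ttl).Unix()}
	rp.Pending[req.Nonce] = req
	b, err := json.Marshal(req)
	return string(b), err
}

// BankAttest implements step 9. The bank has already authenticated its KYC'd customer, so it
// signs the age claims over whatever request was pasted in; it never sees the merchant.
func BankAttest(bankPriv ed25519.PrivateKey, reqStr string, over18, over21 bool) (string, error) {
	var req Request
	if err := json.Unmarshal([]byte(reqStr), &req); err != nil {
		return "", err
	}
	payload, err := json.Marshal(Attestation{Request: req, Claims: map[string]bool{"over_18": over18, "over_21": over21}})
	if err != nil {
		return "", err
	}
	b, err := json.Marshal(Signed{Payload: payload, BankSig: ed25519.Sign(bankPriv, payload)})
	return string(b), err
}

// Verify implements step 13. credSig stands in for the WebAuthn assertion of step 12: the
// authenticator signs the pasted attestation string with the credential key from step 4.
func (rp *RP) Verify(attStr string, credPub ed25519.PublicKey, credSig []byte) (map[string]bool, error) {
	var s Signed
	if err := json.Unmarshal([]byte(attStr), &s); err != nil {
		return nil, err
	}
	if !ed25519.Verify(rp.BankPub, s.Payload, s.BankSig) {
		return nil, ErrBankSignature
	}
	var att Attestation
	if err := json.Unmarshal(s.Payload, &att); err != nil {
		return nil, err
	}
	issued, ok := rp.Pending[att.Request.Nonce]
	delete(rp.Pending, att.Request.Nonce) // single use: a replayed attestation fails the next check
	if !ok || issued != att.Request || time.Now().Unix() > issued.Expires {
		return nil, ErrUnknownNonce
	}
	if credHash(credPub) != issued.CredHash || !ed25519.Verify(credPub, []byte(attStr), credSig) {
		return nil, ErrCredential
	}
	return att.Claims, nil
}
```

A run is IssueRequest (RP), BankAttest (bank), a signature with the credential key (authenticator), then Verify (RP); a replayed attestation, one redeemed with a different credential, one signed by a key other than the bank's, and one whose request has expired are all rejected. Note what the code does not and cannot provide: nothing in it stops a bank and an RP from lining up the two halves of the same transaction by timestamp or network metadata, which is the correlation point raised in the replies below; that property depends on how the two parties log and share data, not on the signatures.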

perihelions No.45087411
This isn't an anonymous protocol. It asks for trust that the bank and the media platforms who age-restrict political protests aren't colluding to store all verification requests indefinitely, to build shadow profiles for evil reasons. (Of course they can doxx people if they collude: they have shared timing and device fingerprints).

Translate this to a state collapsing into a dictatorship, like Serbia or Turkey, and you'd expect the supposed "trusted" verifiers, banks, to be run by people who collude with the people black-bagging people.

The assumption "banks are ultimately trusted" is not a sound assumption.

The implicit assumption "age attestation cryptography is only for unimportant things like gambling.com, so we can YOLO this" is not sound. Age-attestation is a general-purpose backdoor for doxxing people in many contexts—not just unimportant ones that are embarrassing at worst.

replies(1): >>45087494 #
jwally No.45087494
But the bank doesn't know where you're going. Only that you need to attest to verification.

Further, if you encountered a bad KYC actor, there's this, which, if I understand it, makes it impossible to correlate you to a merchant by crypto alone: https://arxiv.org/pdf/1907.06381

You could use a VPN just for interacting with your bank, or Tor for hyper vigilance...

p.s. thx sxp!

replies(1): >>45087667 #
perihelions No.45087667
If the bank and the website collude, they can de-anonymize attestation requests by correlating their two views of the interaction—the timestamps and various device fingerprints. It's impossible to make strong security guarantees against this threat model—imperfect statistical ones, at best.

Your version makes this trivial, since per your other comment, you expect the bank to insist on seeing the same IP address as the website, as an anti-fraud measure. ("If your IP doesn't match what you had at the bank, the RP rejects you.")

replies(1): >>45090954 #
jwally No.45090954
Salt and hash the IP or something so the RP can see the user's IP is the same as the bank's; but not necessarily _what_ the IP is...?
replies(1): >>45091084 #
perihelions No.45091084
You want the website to (1) look at a visitor's IP address, and (2) compare a cryptographic hash of that same IP address, to test for equality? Did you forget that (1) they have that IP address to begin with?
replies(1): >>45091230 #
jwally No.45091230
Given the static nature of most residential IP addresses, what stops this from happening today?

If I subpoena Facebook, Google, Chase, and Pornhub, I can unmask who you are by correlating your IP and profile info. If I want higher certainty, I can further narrow down time windows.