Show HN: Anonymous Age Verification

This isn't an anonymous protocol. It's asks for trust that the bank and the media platforms who age-restrict political protests aren't colluding to store all verification requests indefinitely, in secret, to build shadow profiles for evil reasons. (Of course they can doxx people if they collude: they have shared timing and device fingerprints).

Translate this to a state collapsing into a dictatorship, like Serbia or Turkey, and you'd expect the supposed "trusted" verifiers, banks, to be run by people who collude with the people black-bagging people.

The assumption "banks are ultimately trusted" is not a sound assumption.

The implicit assumption "age attestation cryptography is only for unimportant things like gambling.com, so we can YOLO this" is not sound. Age-attestation is a general-purpose backdoor for doxxing people in many contexts—not just unimportant ones that are embarrassing at worst.

The POC shouldn't even be mentioning banks explicitly. Any one that needs or could know you. Any authority such as a tax authority, voting registry, whatever, that already knows who you are, could verify this. An authority is preferable to a bank.

And if a country already has a functioning digital ID solution that covers every citizen it should be a simple add-on to add this. The "functioning digital ID solution that covers every citizen" seems like the step to fix _first_ (definitely before imposing age verification laws online!).

Also, having such a system really should be seen as par for the course for any developed country.

The problem with this is that the verifier (Bank, DMV, Government, etc) can track that you went to gambling.com. E.g, maybe the gambling.com string is "gambling.com-123". Or if it's a random number, maybe gambling.com is storing it somewhere and the bank/government files a legal request to get a copy. You have to trust the government in this case which isn't ideal.

A better one is Chaum's Ecash protocol: https://en.wikipedia.org/wiki/Ecash

To use a metaphor for that protocol:

  1) The gambling site gives you a piece of with a UID on it.
  2) You put the paper in a opaque envelope. (This is a cryptographic way of hiding the contents)
  3) You take the envelope to the bank (or DMV, police station, etc) along with a copy of your birth certificate/RealID and they emboss it with their stamp saying you are over 18. The embossing is transferred through the envelop to the paper, but the bank hasn't seen the contents of that paper. (This is a cryptographic signing method which can affect the UID in step 2 without the bank needing to see the UID: https://en.wikipedia.org/wiki/Blind_signature)
  4) You take the paper out of the envelope and destroy the envelope. The paper with the UID has the stamp but doesn't have any tracking information that the bank might have put on it.
  5) You give the UID to the gambling site. They see that you got it stamped by the bank so they know you have an account with the bank and are over 18, but they don't know the RealID that the bank saw when the bank stamped the envelope.

This is secure because the bank never saw the UID so they don't know if it was gambling-123 or disney-123. The gambling site can save that stamped UID and give it to the bank (or government) if required, but bank can't figure who came in to get that UID embossed. The only person who knows all the tracking information is the user. And as long as they burn the envelope (which is cryptographically secure), there is no usable tracking information.

As long as the bank is Good and uses the same stamp for all users (i.e, they don't use alice-stamp, and bob-stamp, etc for different users), there is no way for anyone to connect that Alice got her gambling-123 UID stamped. But this stamp is normally using PKI so anyone can check the public key of the stamp.

This algorithm was originally conceived to create anonymous "cash" since the bank would charge $1 to stamp your envelope and the gambling site could sell their UID paper to the bank to get that $1 from the bank.

This mechanism is essentially what the European age verification system is doing, except they're also dealing with offline credentials (so you can log into gambling.com while bank.com is down for maintenance).

There are some details thatihjt still need to be worked out for an American implementation (the lack of an eIDAS equivalent, for one), but the EU solution is being developed cross platform, in the open. You can just take the source code, replace/extend the chains of trust with whatever verification platforms you can convince others to join your programme, and reuse most of the existing code.

For an American implementation, you can probably take out the part where verifiers need to be registered with the verification service (which I believe is part of EU law but makes implementing anonymous verification difficult). The wording and name should probably also be changed to be more in line with American expectations, and removing the remote attestation requirement would be nice if your verification services don't demand you include it. I'd also wait for ZKPs to be implemented, or add them to the implementation, to reduce the potential impact of collusion between governments and websites.

The account creation part is optional but probably recommend. I wouldn't lock it to just passkeys, though, having a fallback to classic username/password is probably a good idea just in case.

Isn't this roughly what mDL (and broader future W3C Digital Credentials spec) offers albeit with the issuing agency of the ID (e.g. state DMV) acting as the credential issuer rather than a bank? A relying party make a claim for a coarse age limit 'is user over N years old'? With the user's consent, the application receives an attestation back from their wallet, with a chain of trust back to the issuer (without the issuer's intervention or knowledge).

The user's credential is bound to the device and protected by their biometrics (Face ID/Touch ID), and the consent screen feels very similar to using a Passkey (gaining in mainstream popularity) or Apple Pay (pretty mainstream at this point).

- https://www.w3.org/TR/digital-credentials/

- Apple's implementation - https://developer.apple.com/wallet/get-started-with-verify-w... (and moving to the browser in iOS 26 https://support.apple.com/en-gb/guide/apple-business-connect...)

The challenge here is adoption and availability of digital credentials. It appears State Department is allowing iOS 26 to issue digital credential representations of US passports also. Japan are also providing their national ID card in this way. Given some US states' online age verification laws (and whatever it is the UK are trying to do at the moment), seems like a great incentive for those governments to provide robust digital ID infrastructure.

I don't see why you need the first step.

What you need[0] is a certificate, signed by a recognised provider[1], asserting that email address X is associated with a person aged over 18.

Once you have that, you can then provide it to anyone who asks for it. The certificate provider doesn't need to know who you're proving it to. Literally all they have to do is check whatever information they need to[2] to be happy asserting "Oh yeah, that's an adult".

If your browser (or an add-on for it) wanted to make this easy by storing the certificate for you securely, then that would be awesome, obviously.

But there's no reason why the certification provider needs to know who they're certifying your adulthood to.

[0]Assuming that you want a way to prove you're an adult.

[1]That could be a bank, a government, or anyone else who has sufficient levels of societal trust.

[2]Photo of you, use of a credit card, records of you using that email address for more than 18 years. Whatever makes them happy making that assertion, that they'd be willing to stand up in court and defend their processes if one of their certificates was issued wrongly.

Don't some of the jurisdiction requiring strong age verification also require you to store identity documentation? e.g. I believe that's the case for Mississippi. In those cases, storing the fact that age verification took place or even a proof of it would probably not be legally sufficient.

Since most USA residents have already had their birth date determined by their DMV and/or Social Security, using those authorities seems much more logical compared to getting banks involved.

Just an FYI: In the US, 5.6 million households are unbanked.

https://www.fdic.gov/news/press-releases/2024/fdic-survey-fi...

Theoretically a good idea, practically there are couple challenges with it-

1. Some one makes an intermediary service where they allow users to get the age verification from them. Get the information from the user provided to them by merchant, use their own (service providers) bank account to get the token and return back to the user. Identity less age verification is not practically possible, somewhere down the line you have to peg the identification for the user with a common identifier that services can mutually trust.

2. WebAuthn flow has timeouts (everyones spec implementation might be different) associated with it, most people are going to run into that

That's putting a lot of trust into banks. I don't like it. Just my personal opinion.

Anonymity by default : not true, banks shouldn’t be trusted. And retrieved referral info will be stored by banks.

This is an active area of research see for example: EU Digital Identity & Anonymous Credentials at real world crypto 2025 https://www.youtube.com/watch?v=UpQHWObCx4I

TLS Notary[0] is a project already aimed at doing something exactly like this. It lets you only expose the parts of the payload that you want (e.g. your age) and relies on a verifier to prove the data is legit.

[0] https://tlsnotary.org

This reads like GPT-5 output. Anyone familiar with the model will recognize its distinctive style. While using LLM-generated content isn't inherently wrong, why not share the prompts? It's like presenting a book summary without naming the book.

What here stops someone from just sharing fake age verifications. If indeed the bank doesn't know what you are visiting and the site doesn't know who you are, anyone could just create an api to autogenerate fake authentications. Age verifications will always be a bad idea and will always leak information in one direction or another.

Right we still pretend this is about protecting children I forgot.

The proper-ish solution to the problem are zero knowledge proofs: I get my government or whoever to give me a credential with my date of birth, I go to website which asks me for my age, the website gives me a token, I use the token and my gov credential to generate a proof that says "today i'm over 18" i give proof to website, the website verifies the proof using my governments public key and lets me pass. This way nobody knows anything more than necessary and it protects everybodys privacy. [1]

Hey we make it a standard open protocol! So everybody can implement it easily. We finance a open-source reference implementation. All the children are forever saved from harm. We have parties under rainbows and world peace!

[1] ZKRP's Zero Knowledge Range Proofs: https://arxiv.org/pdf/1907.06381

Shifting the power from the state to banks.. what could go wrong!!

Hell no! Banks should NOT assume an expanded role in transaction processes; rather, their involvement should be further reduced. The objective should be to establish public consensus that positions banks as an optional payment method, not as an integral component of daily activities. Even in scenarios where banks do not access personal identification information, their institutional power should be constrained rather than extended.

Cashless payment systems present inherent risks for surveillance and control, as they channel all transactions through centralized, heavily monitored networks. Individuals flagged within these systems may face severe exclusion from economic participation without due process protections.

KYC protocols may have poorly regulated flagging databases that lack the procedural safeguards associated with formal criminal records. Unlike criminal records, which require due process for inclusion and can be destroyed, banking flags operate without comparable regulatory oversight. This transfers significant power to corporate entities and their stakeholders, having this “shadow” power that would control the public.

Regardless of anonymity provisions, banks should function solely as optional convenience tools for payment processing, not as mandatory intermediaries in financial transactions or any process. The integration of banking systems into essential processes is the worst for anyone who cares about surveillance free society and create a concentrated institutional power, and it will reduce individual autonomy, financial or not.

Explain how even if the bank and the adult site cooperate together, they'd not be able to identify you. This is what I'd expect "anonymous" to be.

You should see my lie-about-over-18.com website

You get your verification code

Paste it into my website and pay $15

One of my crowdsourced reps will complete the request for you and collect $7.50

No thanks.

A valid and safe "age verification" (actually to be BANNED because meant as a way to pass internet censorship) could simply be: the State offer FLOSS and open-hardware IDs, we got a USB reader/built in in keyboard, built-in in laptop like we have hat in early 2000, who being all open we can trust, and the a simple boolean request "above age?" with a true or false answer PERIOD.

If we want more we ERASE the not needed anymore banking sector with a state backed crypto and state backed open hardware and FLOSS wallets with a simple display usable as smartwatch or pendent with a retractable necklace like the one we use for skipass, where we could see on a trusted device what we are going to approve or reject.

It's time to craft rules as code, in money/finance and laws/bureaucracy ERASING nazi censorship we see growing everywhere starting with biometry push.

so what if I sell this service to under-18 people in exchange for $30 each time?

Apart from me going to jail, I mean. How would the protocol prevent this?