frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Opening up 'Zero-Knowledge Proof' technology to promote privacy in age assurance

https://blog.google/innovation-and-ai/technology/safety-security/opening-up-zero-knowledge-proof-technology-to-promote-privacy-in-age-assurance/
42•consumer451•2h ago

Comments

watersb•1h ago
We need "How to talk to your legislators about zero-knowledge proofs".
dboreham•1h ago
Not really any point since US legislators aren't motivated by the interests of regular people.
consumer451•1h ago
Yes, they are not.

> Today, we open sourced our Zero-Knowledge Proof (ZKP) libraries, fulfilling a promise and building on our partnership with Sparkasse to support EU age assurance.

protocolture•1h ago
"Dont do age assurance, ever"

Done.

Avicebron•53m ago
Ok, they have ignored that. I did my part and sent an email. Now what?
matheusmoreira•23m ago
"Do the opposite of what Meta is lobbying for"

Done.

rho138•1h ago
[2025]
consumer451•1h ago
Yes, but it's never been more important than now. Also, I did not have enough chars for an HN title.
stephen_g•45m ago
Funny though how whenever these laws are pushed though, the legislators are more interested in strongly identifying people to gate services despite the fact that they should have plenty of advice that things like zero-knowledge proofs exist.

I hate to be cynical but I worry that this isn't going to matter, because it really seems that a lot of the pressure behind age verification isn't actually very interested in the age verification part...

emsign•1h ago
What's the point of giving a single point of information about yourself to a single website, when all the websites you visit use the same trackers (from Google for example) only to merge these data points together and sell them as a package.
TalkingCodeMonk•1h ago
Because of the principle of least privilege: https://wikipedia.org/wiki/Principle_of_least_privilege

All current age verification measures open up a torrent of attack vectors on user PII and privacy. Limiting the number of entities that are able to access data is one of the best ways to prevent it's leak or abuse. Don't let perfection be the enemy of good.

But therein lies the fundamental problem with surveillance capitalism. Until the sale of personal data/metadata is outlawed, the practice of targeting content based on an individuals personal data/metadata is outlawed, there is a highly punitive cost for violations and leaks that make storage outside core business functionality a major criminal and financial risk, and the compilation of this data by "intelligence" agencies it treated as a critical attack vector to national security – the attack on each citizens civil rights that it truly is – most privacy laws and regulations are just virtue signals designed specifically avoid the root causes, and further entrench the power of monopolies and incumbents.

FYI I don't believe Google sells user data. They sell products which leverage user data to give them a critical advantage over every competitor who does not have trackers in everyones pockets/computers, does not store their entire web search/browsing history, etc. It's in the interest of big tech to protect their market advantage (like ZKP, which would prevent competitors from having a new gov-mandated vector to compile user data).

sroussey•24m ago
Google never sold user data until the DoubleClick acquisition, from what I understand
dadoum•56m ago
Still, I don't want to gate people based on age.

Parents should at least be able to overwrite the age of their child, maybe selectively allow bypasses. My experience with a computer would have been completely different if I was blocked from half of the internet. Especially when I see which kind of content gets blocked.

doginasuit•24m ago
As a millennial-aged person I saw a fair amount of content I would not want the young people in my life to see, but it's probably not nearly as harmful as the non-age gated content that they will still have access to. There is a lot creepy youtube and tiktok content that isn't off limits but still unhealthy and my younger relatives are fascinated by it.
Groxx•53m ago
I've been trying to figure out how zero-knowledge stuff would work in practice for age verification, where "when issued" (or extremely coarse, like what year), "to whom", and "where it's used" are hidden from everyone except the individual holding the proof (since that's the gold standard, and the only one worth accepting).

I get that ZK techniques work, and reveal "nothing". That's useful.

But if they reveal nothing, isn't it wide open for abuse? Couldn't one over-18-person's proof become everyone's proof, because they can't tell it's the same proof, and the issuer can't tell where or how often the proof is being used? Or are there ways to construct data leaks that are not user-identifying but are abuse-identifying (and what would that even mean)?

doginasuit•34m ago
My understanding as someone who is just learning about the tech is that zero-knowledge isn't a great description of what is happening. The issuer (some party with the proof, like the government) shares the knowledge and that is only valid for a single verifier. So knowledge is held and is shared, just the minimum amount possible to be credible.
Aurornis•13m ago
> But if they reveal nothing, isn't it wide open for abuse? Couldn't one over-18-person's proof become everyone's proof, because they can't tell it's the same proof, and the issuer can't tell where or how often the proof is being used?

Yep!

This is why the concept of zero knowledge age gating is such a trap for technically minded people. They imagine receiving a private cryptographic object that can be used to anonymously confirm that the government says it was issued to someone over 18.

That’s completely useless because a single leaked token could be used forever, so nobody actually considers this.

All of the real proposals have various compromises baked in. Some people want to require device attestation, so you could only do this handshake from a government approved device running a government approved operating system. Forget using Linux or maybe even a general purpose computer at all.

Other proposals involve online government handshakes in various ways, with a pinky promise that the government won’t keep logs or tap it for national security purposes. So we get back to anonymous by trust only.

doginasuit•47m ago
Zero-knowledge seems to be a bit of an oversell here. It is more like you break the knowledge up and only share the relevant parts with each party. And the facilitator (Google) arguably has access to the most information out of any of the parties involved.
dgrin91•43m ago
There are true ZKP setups where no one learns anything but the absolute minimum (e.g. is this person over 16, not what is their dob). This is hard to prove though and I don't know if I trust Google to do it
slwvx•37m ago
zero-knowledge proofs are a well-known tool in cryptography [1]. All Google is sharing is the library to implement it. Google would not have access to the information any more than they have access to the bank info of people who use Android or Gmail.

[1] https://en.wikipedia.org/wiki/Zero-knowledge_proof

doginasuit•16m ago
It's my understanding that they are sharing the library but they will also be involved as a facilitator, at least to the extent that people use their identity wallet service. It also seems like they will have access to who you are sharing information with, which seems like the most valuable information for a company in their position, with nothing but a pinky promise that it will not be tracked. Let me know if any of that is inaccurate.
wmf•1m ago
Ideally the government would be the issuer and the facilitator but the US lacks the state capacity to do this. Maybe it will work that way in Estonia.
wmf•41s ago
This is basically the double spending problem which has been solved in various ways.

ZCode – Harness for GLM-5.2

https://zcode.z.ai/en
178•chvid•3h ago•201 comments

Meta Caps Internal AI Token Spending After Costs Approach Billions in 2026

https://mlq.ai/news/meta-caps-internal-ai-token-spending-after-costs-approach-billions-in-2026/
42•typeofhuman•1h ago•21 comments

Show HN: Searchable directory of 22k+ products from worker-owned co-ops

https://www.workerowned.info/
201•IESAI_ski•4h ago•34 comments

For first time, a cell built from scratch grows and divides

https://www.quantamagazine.org/for-the-first-time-a-cell-built-from-scratch-grows-and-divides-202...
722•defrost•10h ago•248 comments

What to learn to be a graphics programmer

https://blog.demofox.org/2026/07/01/what-to-learn-to-be-a-graphics-programmer/
228•atan2•7h ago•120 comments

The Underhanded C Contest

https://underhanded-c.org/
29•ccabraldev•2h ago•5 comments

Opening up 'Zero-Knowledge Proof' technology to promote privacy in age assurance

https://blog.google/innovation-and-ai/technology/safety-security/opening-up-zero-knowledge-proof-...
42•consumer451•2h ago•23 comments

Physical disc production ending in Jan 2028 for new games on PlayStation

https://blog.playstation.com/2026/07/01/physical-disc-production-ending-in-january-2028-for-new-g...
588•Tiberium•13h ago•619 comments

Billions of doses later: Global review confirms mRNA vaccines safe and effective

https://news.ubc.ca/2026/06/mrna-vaccines-are-safe-effective-and-full-of-promise/
43•coloneltcb•39m ago•17 comments

FFmpeg 9.1's new AAC encoder

https://hydrogenaudio.org/index.php/topic,129691.0.html
279•ledoge•11h ago•91 comments

Chip Off the Old Block

https://www.astralcodexten.com/p/chip-off-the-old-block
35•paulpauper•3h ago•5 comments

The <Usermedia> HTML Element

https://developer.chrome.com/blog/usermedia-html-element
17•twapi•1h ago•9 comments

Qualcomm Linux 2.0

https://www.qualcomm.com/developer/blog/2026/06/qualcomm-linux-2-now-available
44•gilgamesh3•4h ago•12 comments

Box3D, an open source 3D physics engine

https://box2d.org/posts/2026/06/announcing-box3d/
407•makepanic•13h ago•91 comments

Proliferate (YC S25) Is Hiring

https://www.ycombinator.com/companies/proliferate/jobs/mMHvKR9-founding-product-engineer
1•pablo24602•4h ago

Internal Combustion Engine (2021)

https://ciechanow.ski/internal-combustion-engine/
282•StefanBatory•12h ago•73 comments

Ask HN: Who is hiring? (July 2026)

158•whoishiring•10h ago•171 comments

Monetization Gateway: Charge for any resource behind Cloudflare via x402

https://blog.cloudflare.com/monetization-gateway/
247•soheilpro•11h ago•161 comments

How do wombats poop cubes? Scientists get to the bottom of the mystery

https://www.science.org/content/article/how-do-wombats-poop-cubes-scientists-get-bottom-mystery
29•bushwart•1d ago•7 comments

Healthy but sedentary people show early decline in cellular energy production

https://news.cuanschutz.edu/news-stories/healthy-but-sedentary-individuals-show-early-decline-in-...
52•littlexsparkee•2h ago•44 comments

I Left Harry's All-Night Hamburgers

https://escapepod.org/2013/09/14/ep413-why-i-left-harrys-all-night-hamburgers/
67•rbanffy•4h ago•8 comments

Building an Open-Source Robot Vacuum – Meet Oomwoo

https://makerspet.com/blog/building-an-open-source-robot-vacuum-meet-oomwoo/
5•devicelimit•32m ago•0 comments

The Apple Disk II Controller Card

https://www.bigmessowires.com/2021/11/12/the-amazing-disk-ii-controller-card/
39•stmw•2d ago•9 comments

Launch HN: Parsewise (YC P25) – Reason Across Documents with an API

45•gergelycsegzi•11h ago•45 comments

Why jet engines aren't made in China

https://aakash.substack.com/p/why-jet-engines-arent-made-in-china
70•paulpauper•1d ago•43 comments

Flavor Graveyard

https://www.benjerry.com/flavors/flavor-graveyard
20•NaOH•3d ago•10 comments

How We Made IPFS Content Publishing 10x Faster

https://probelab.io/blog/optimistic-provide/
145•dennis-tra•9h ago•48 comments

Fable 5 Is Back

https://twitter.com/claudeai/status/2072402636813607381
312•mfiguiere•5h ago•290 comments

Weave Robotics launches Isaac 1, a $7,999 home robot with Fall 2026 deliveries

https://www.weaverobotics.com/isaac-1
70•ryanmerket•7h ago•121 comments

Ask HN: Who wants to be hired? (July 2026)

106•whoishiring•10h ago•246 comments