>If they use ZKP's correctly then what you are proving is membership in a set.
>However, they are collecting iris scans which means they are the ones building the set and therefore own all the data about all the members of that set.
Totally agree, but any other official of any kind can do the same and create their own membership set. A mayor of a town can create a similar set of citizens. A football's team coach can create their own membership set, of players and fans.
I don't see why that particular membership set is more special than any other.
> To do it properly the government should be the ones who build the set.
To do it properly governments around the world should agree on a standard or two, and use that standard worldwide for the next 50 to 100 years. See for example screws and screwdrivers [1] which are effectively identical for so many years.
When a standard is established for identity, for ownership, for ownership transactions, for signatures, for contracts, for passports and many other things then it is government's job to keep the data safe and private, we agree on that. As soon as identities for example are a technological screw, then we don't want incompatibilities between governments.
> There are also problems with respect to stolen identities.
The ZKP does not need to be the identity by itself. Another identity can be tied to the ZKP proof, and use it's children identities for everyday use. They implemented something like that for Python to avoid supply chain attacks [2].
> The ZKP does not need to be the identity by itself. Another identity can be tied to the ZKP proof
Which is exactly what I said:
> you are given a token which you must reuse, making you pseudonymous
The way it's usually done with ZKP's is through the use of a nullifier, a cryptographic product of hidden information which will always be static. In this case the nullifier may be a public key.
>However, they are collecting iris scans which means they are the ones building the set and therefore own all the data about all the members of that set.
Totally agree, but any other official of any kind can do the same and create their own membership set. A mayor of a town can create a similar set of citizens. A football's team coach can create their own membership set, of players and fans.
I don't see why that particular membership set is more special than any other.
> To do it properly the government should be the ones who build the set.
To do it properly governments around the world should agree on a standard or two, and use that standard worldwide for the next 50 to 100 years. See for example screws and screwdrivers [1] which are effectively identical for so many years.
When a standard is established for identity, for ownership, for ownership transactions, for signatures, for contracts, for passports and many other things then it is government's job to keep the data safe and private, we agree on that. As soon as identities for example are a technological screw, then we don't want incompatibilities between governments.
> There are also problems with respect to stolen identities.
The ZKP does not need to be the identity by itself. Another identity can be tied to the ZKP proof, and use it's children identities for everyday use. They implemented something like that for Python to avoid supply chain attacks [2].
[1] https://www.youtube.com/watch?v=MXWSn8rMeEo
[2] https://news.ycombinator.com/item?id=42136375