This comes up on every single HN thread about the topic, but I don’t understand how people aren’t seeing the obvious abuse angle:
Create a market for anonymous age verification tokens. People pay $5 to someone to create an age authorization for them. 17 year old kid (who is old enough under this law) spends all day creating anonymous age auth tokens to sell to people who want them.
Entire system subverted with profit motive.
The next phase of the argument is to argue for rate limiting or extra logging, but the more you force that the more you degrade privacy or introduce unreasonable restrictions. “Sorry, I can’t sign up for the wiki today because I already used my quota of 2 government age checks today”. Still leaves plenty of room for 17 year old kids to earn $10 a day farming out their age checks.
The entire argument that anonymous crypto primitive will solve this problem is tiresome.
The same applies to effectively all possible solutions for age verification, no?
Even if you have a perfect mechanism, 17 years old can create real age-verified accounts and then sell the username and password afterwards. Selling age-verification tokens directly would likely be harder than just swapping those login details, since it's very easy to make the tokens time-limited (in practice normal use would probably be some kind of oauth-style redirect flow, so they'd really only have to be valid for a few seconds).
This same argument applies to adults buying alcohol for teenagers too. The determined teenager with money can definitely find a way to get alcohol, but it doesn't mean the age restrictions on purchases are pointless.
Imo it's a bit pointless to worry about high-speed black markets trading in signed tokens when the current most common alternative is a popup with an "I promise I am over 18" button. If society agrees some things should be difficult to access if you're underage, then we can definitely do better than that as a solution.
this is the same argument as "why have government id cards, someone could just use a fake beard and use their older classmates id". Any system allows for some gaps, similar to how creditcard transactions make transactions safer but on either side of that transaction there some "insurance" and some leeway if someone really wanted to.