> I don't see a way this could be implemented where the govt doesn't know what site is requesting the verification
Blind signatures. Briefly, a blind signature is a way for a party to sign a document without seeing the contents of the document. The cryptographic forms of this, at a high level, work like this:
1. You do a keyed reversible transformation on document D that produces a transformed document D'. This is called "blinding" the document.
2. They sign D' with signature S'.
3. You apply the reverse transformation to S', which gives you a signature S from them for D. This is "unblinding".
Use a random key each time you need to get something blind signed and throw away the key afterwards.
Even if they later see D and S they can't match them up with any D' and S' because they don't know the key.
For age verification D would be some kind of token you obtain from the social media company during age verification. You'd then have the government blind sign that with a signature that is only used when the government has verified you are at least 16. You'd unblind the signature and give that back to the social media company.
There are also protocols to do this using zero knowledge proofs.
Blind signatures. Briefly, a blind signature is a way for a party to sign a document without seeing the contents of the document. The cryptographic forms of this, at a high level, work like this:
1. You do a keyed reversible transformation on document D that produces a transformed document D'. This is called "blinding" the document.
2. They sign D' with signature S'.
3. You apply the reverse transformation to S', which gives you a signature S from them for D. This is "unblinding".
Use a random key each time you need to get something blind signed and throw away the key afterwards.
Even if they later see D and S they can't match them up with any D' and S' because they don't know the key.
For age verification D would be some kind of token you obtain from the social media company during age verification. You'd then have the government blind sign that with a signature that is only used when the government has verified you are at least 16. You'd unblind the signature and give that back to the social media company.
There are also protocols to do this using zero knowledge proofs.