Is the code available?

yes, just view source. No build step here, all CSS and JS is just on the one page.

The idea of using a private cloud sounded wonderful, ran an instance of Next Cloud using encrypted storage, it didn't take long when my files disappeared due to a bug on the encryption and los my files for ever. Never went back to it

I think the goal of this is that you can prove, so that your counter party does not need to rely on trust

there are standards for "verifiable credentials" and "verifiable presentations" so that digital IDs can be issued and displayed (using a model analogous to web pki/SSL certs), done in a decentralized and privacy-preserving way without ZKPs

Actually this is only partially true (have implemented verifiable credientials and ZK on top).

VCs will allow you to verifiably specify your date of birth or maybe your passport number.

What ZK does is allows a third party to ask questions like "is the date of birth of this person prior to 2-Sep-2006" (ie, are they over 18) or "is this person a passport holder for country X" and the ZKP system can say yes or no without disclosing the actual birthdate or the passport number.

It's is a real improvement in privacy, although I'm unconvinced it is worth the incredible inconvenience of implementing it.

> without disclosing the actual birthdate

What prevents the birthdate from being gleaned through a simple binary search? Or, if it's specifically an "over 18 today?" query based on some decentralized timestamp source, what prevents the query from just being repeated every day until the result changes (assuming it returns "under 18" at first)?

Just because someone asks, doesn't mean one must answer.

"Be liberal in what you receive, and strict in what you send."

The protocol would have to specify an authorized inquiry field or use validity by time, using a global consensus (current bitcoin block + challenges that take bitcoin_blocks block production rate on average to solve)

The holder of the credential would have to present it log(N) times. If someone asks to scan your id a bunch of times, wouldn't you find it suspicious?

Different 'someone's could conceivably collude to whittle down the result of the search, fingerprinting users via separate means to align the results. Or, less conspiratorially, one could present an apparently-poorly-designed interface where the credential is only valid for the current login session, then wait for a few cycles of the user clearing their browser cookies.

Perhaps a very explicit prompt "This service wants to know if you're > X years old!" might give up the trick, but then users would have to be trained not to click through it within milliseconds, which is never the most viable solution.

Neat, thanks! IIUC some credential standards like ISO 18013-5 (mDL) hack around this by allowing you to expose `is_over_X` claims for age gating

What did you implement VCs and ZK for?

> What did you implement VCs and ZK for?

It was a crypto/blockchain/decentralized ID thing.

Congrats, pretty amazing work! Loved it!!

Thanks!

> This often happens with an in-memory database, which is compatible to your main database you do use in production, but is faster.

Not sure how this will solve edge cases problems described at the beginning of the article

Great book, I've learnt a lot from it

I had a similar goimport issue importing the wrong pkg. I've added a forbidigo linter rule to fail when certain packages were imported.

curious to know what are you using it for? do you upload a diagram on every push?

no, in my case only when the Migrations/ folder changes (you can specify that in .gitlab-ci.yml or using come commandline-fu). I'm using EF core as an ORM, thats why it is also easy to create an empty SQLite DB from the sources.

It seems that perfection is attained, not when there is nothing more to add, but when there is nothing more to take away.