Discord has announced that it's rolling out age verification checks globally from March – and the decision has sparked fury from many privacy-conscious users.
And just because it might beat PostIdent, doesn’t mean it’s sane to give up online anonymity for age checks everywhere. The EU claims the wallet will allow anonymous age checks, but if they ever tracked you, pretty sure you wouldn’t know.
This is not how remote attestation works. It’s the whole point of the age verification of the wallet that such meta data doesn’t have to be stored. The data submitted is transparent and can be viewed before accepting the verification. It’s in the core concept that this process is unlinkable and the goal is to implement this with ZKP (Zero-Knowledge Proof) mechanisms.
That is in the technical spec for this proposal. It is designed for exactly this kind of requested online anonymity.
Does this have to be watched? Absolutely Yes. What you’re doing here is spreading FUD though without any proof whatsoever just because “iTs fRoM tHe gOv”. Now I don’t know your frame of reference and it’s probably a good idea to keep a healthy level of mistrust in place but(!) the EU does a lot of things correct and I take this over any system designed by a private company that is definitely always only interested in our best: money.
In practice, the security and privacy guarantees of the CL protocol require two different kinds of wholly independent institutions: identity providers (who verify your documents), and certificate authorities (who issue cryptographic certificates based on those documents). If these two functions take place under one roof, the privacy guarantees of the system immediately evaporate.
(“CL” seems to refer to a common zero knowledge proof algorithm.)
Technical Requirements: An Age Verification App shall support the following: […] Request from the operating system a tamper-evident attestation of AVI properties
(As far as I know, they mean device attestation with this where you no longer fully control your device.)
The EUDI Wallet team is participating in a wider, EU-wide collective sleepwalk into a serious trap: You, along with the entire EU Digital-Identity movement, are hard-wiring the EU’s civic governance to Apple and Google’s hardware and software stack.
Requires accepting “Terms of Service” to access basic functions of being a citizen. Your demo video shows you requiring accepting “Terms of Service” and “Data Protection Information” which I guess should really be “Privacy Policy”.
The source is the technical spec. Read this yourself more closely!
Interoperability: The solution ensures seamless integration across diverse device operating systems, wallet applications, and online services.
And let’s not ignore the demo part:
The white label solution will be implemented based on the open source EUDI Wallet Reference implementation libraries.
And yes it is good that people watch this carefully (and voice their concerns in a civil matter, which does not seem to be the case with most heated comments from your examples). But!
This is the very same with e.g. Let’s Encrypt. Or a VPN ‘service’. Or CloudFlare, that so many people love to hide behind.
What ifs. The spec does explicitly not allow exactly this and it’s our job to investigate such providers closely and in doubt start and run trustworthy providers ourselves. And Let’s Encrypt is again a prime example for something like this.
Oh and no nothing in the spec nails this down to Google or Apple alone. These are examples for smartphones for existing eco systems. I do not need a smartphone for e.g. AusweisApp and I will ask the same for E-Wallet because this is also in the specs (Interoperability) and explicitly not tied to some vendor specific eco system but to protocols and cyphers.
And this is where the next FUD may come in: TPM[1]. This does [also] exactly this: Device attestation and is a perfect candidate for regular PCs. That’s probably just the next can of worms for you though and with this I’ll end this discussion because even with plenty of What Ifs I do not see this solved from anyone in any better way - and again especially not from some company like Dis-fuckin-cord. This is exactly what a GOV exists for and they’d be sleeping on their job not providing digital ways for this very use-case.
[1] And just so that you may understand my POV on this: I demonstrated against TCPA back in the days. I can accept TPM tho. It’s a rather useful compromise and something similar exists for most smartphone ALSO. That is a good thing because this is responsible for keeping e.g. password wallets private. Something the “oh noes, Windows requires TPM now” crowd never understood - and this is from a die hard Linux user for decades.
I am referring to the EU Wallet age verification app: https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui/ Sorry that I forgot to link it.
And just because it might beat PostIdent, doesn’t mean it’s sane to give up online anonymity for age checks everywhere. The EU claims the wallet will allow anonymous age checks, but if they ever tracked you, pretty sure you wouldn’t know.
This is not how remote attestation works. It’s the whole point of the age verification of the wallet that such meta data doesn’t have to be stored. The data submitted is transparent and can be viewed before accepting the verification. It’s in the core concept that this process is unlinkable and the goal is to implement this with ZKP (Zero-Knowledge Proof) mechanisms.
That is in the technical spec for this proposal. It is designed for exactly this kind of requested online anonymity.
Does this have to be watched? Absolutely Yes. What you’re doing here is spreading FUD though without any proof whatsoever just because “iTs fRoM tHe gOv”. Now I don’t know your frame of reference and it’s probably a good idea to keep a healthy level of mistrust in place but(!) the EU does a lot of things correct and I take this over any system designed by a private company that is definitely always only interested in our best: money.
Here are my sources:
https://pluralistic.net/2025/08/14/bellovin/ (I don’t agree with every bit of that article.)
(“CL” seems to refer to a common zero knowledge proof algorithm.)
https://github.com/eu-digital-identity-wallet/av-doc-technical-specification/blob/main/docs/architecture-and-technical-specifications.md#332-enrolment-methods-without-existing-identification
(As far as I know, they mean device attestation with this where you no longer fully control your device.)
https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui/issues/20
https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui/issues/15
Feel free to share your sources.
The source is the technical spec. Read this yourself more closely!
And let’s not ignore the demo part:
And yes it is good that people watch this carefully (and voice their concerns in a civil matter, which does not seem to be the case with most heated comments from your examples). But!
This is the very same with e.g. Let’s Encrypt. Or a VPN ‘service’. Or CloudFlare, that so many people love to hide behind.
What ifs. The spec does explicitly not allow exactly this and it’s our job to investigate such providers closely and in doubt start and run trustworthy providers ourselves. And Let’s Encrypt is again a prime example for something like this.
Oh and no nothing in the spec nails this down to Google or Apple alone. These are examples for smartphones for existing eco systems. I do not need a smartphone for e.g. AusweisApp and I will ask the same for E-Wallet because this is also in the specs (Interoperability) and explicitly not tied to some vendor specific eco system but to protocols and cyphers.
And this is where the next FUD may come in: TPM[1]. This does [also] exactly this: Device attestation and is a perfect candidate for regular PCs. That’s probably just the next can of worms for you though and with this I’ll end this discussion because even with plenty of What Ifs I do not see this solved from anyone in any better way - and again especially not from some company like Dis-fuckin-cord. This is exactly what a GOV exists for and they’d be sleeping on their job not providing digital ways for this very use-case.
[1] And just so that you may understand my POV on this: I demonstrated against TCPA back in the days. I can accept TPM tho. It’s a rather useful compromise and something similar exists for most smartphone ALSO. That is a good thing because this is responsible for keeping e.g. password wallets private. Something the “oh noes, Windows requires TPM now” crowd never understood - and this is from a die hard Linux user for decades.
I disagree TPM is a good candidate.
And I think many of us reject the premise we should submit to any central id provider for half of the internet in the first place. There are less risky approaches: https://www.politico.com/news/2025/10/13/california-law-online-age-checks-00606115