Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

> and that they provably cannot track.

That's not easily provable though.

Any token given that way contains some amount of encrypted payload.

That secret payload may contain uniquely tracking numbers.

Even the encrypted payload itself, if treated as an opaque string, can be used for tracking if they decide to log it when they deliver it to you, and when the website where you use the token passes it back to the government auth service.

You need to replicate the UX of a stack of pile of cards at the grocery store, that's not really possible in digital space.



> that's not really possible in digital space

It is, with zero-knowledge proofs.

> That's not easily provable though.

It's exactly like end-to-end encryption: normal people cannot verify that it works, but they can use an open source implementation that is audited by independent cryptographers.

Not sure what you mean by "easily". It's totally possible in practice.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: