stayed up last night going through the selective disclosure mechanics in the SIGN identity stack and honestly the gap i found is simpler than i expected 😂
as simple as Trading XAG and XAU
the design is elegant. a citizen needs to prove they are over 18 to access a service. instead of presenting their full credential with name, birthdate, address and everything else, they present a derived proof. the verifier confirms the age condition is met. nothing else is revealed. zero-knowledge proof does the work. the birthdate never leaves the wallet.
that is genuinely good privacy design. the minimization is technical, not just policy. you cannot accidentally over-share because the proof is constructed to contain only what the verification requires.
but here is the part that keeps sitting with me.
selective disclosure works when the verifier accepts the derived proof
the protocol controls what the holder presents
it does not control what the verifier is willing to accept
a government agency, a bank, a border control officer operating their own system can look at a selective proof and say they need the full credential instead.
the holder then has a choice between presenting more than the protocol was designed to expose or being denied the service entirely.
honestly dont know if selective disclosure gives citizens meaningful control over what they reveal or if that control only exists when the verifier on the other side decides to honor it?? 🤔
#SignDigitalSovereignInfra @SignOfficial $SIGN
