Let me expand on this because Digital Identity proponents tend to try and oversimplify everything and then act surprised when their favorite cryptos implode.
There are 2 situations.
1. Everyone who wants to access restricted content needs to access a government or corporate tool to generate their wallet or keys or whatever you want to call it.
2. Everyone in the jurisdiction is required to sign up for the tool.
1. Is effectively putting yourself on a list for future fascist governments to purge.
2. Is an onerous burden on the entire population. We had enough issues with Digital TV.
Government already has all information about you, they put on your passport when they print it for you. Zero knowledge proofs allow you to generate attestation about some facts (ie that you are above 21 years) where 3rd party can verify it, where proof itself doesn’t reveal your identity or any other information - just the fact that you’re passing this check is revealed.
Yes and you can consider the passport office a list of everyone who wants to travel overseas.
Ditto, if you apply for internet porn license, you will be on a list of internet porn enthusiasts. Its non trivial information that its largely in your best interest not to provide the government.
Again this all happens before your zero knowledge check.
Design is far from the only threat vector. Any implementation that is less than perfect is prone to all kinds of attacks. A few years ago, there was a report that the NSA could decrypt a double-digit percentage of encrypted web traffic thanks to a larger-than-expected bag of factored primes they keep handy.
Great story, are you claiming that NSA can infer from zero-knowledge proofs inputs, maybe map cryptographic hashes to plain input text or something of that nature?
No, but I bet a dollar that NSA isn't just going to collectively fold hands and say "These schemes and implementations are too good and too secure for us to break. We'll ignore the meta data, network analysis, side channels and our data centers that can store 2 days worth of internet traffic; we'll give up and focus on defensive security only"
Your argument applies equally to any initiative ever made by humans that mentions "internet". Yet it appears quite few things exist on the "internet". We do have cryptography with good guarantees available.
My argument is not that those things don't exist - its just that to my knowledge, I never heard of any real-life implementation that's guaranteed to be NSA-proof[1] - you're welcome to offer a counterexample.
1. Your fancy encryption scheme is pointless if your plaintext can be acquired at either endpoints, of if a bug in the implementation leaks data. The security of the whole matters a lot more than the individual parts as attackers go for the weakest link.
