> but not actually write it down or link the two identities digitally
What is to stop you just selling the ID card with zero consequences? Unless it has a photo on it of course, in which case that itself is an identifier you can't easily rotate.
Better is to use zero-knowledge cryptography to prove that you have a real ID's private key in your possession. Leaking the private key would be the same as giving away your real identity. Now you could make a proxy service that generates the proofs for money without it being traced back to you - but maybe a countermeasure to limit but not eradicate abuse would be for the protocol to include a proof you haven't used the same real identity to prove your age on that service in at least x days (that does mean you could be tracked for x days until you prove your age under another pseudonym).
What is to stop you just selling the ID card with zero consequences? Unless it has a photo on it of course, in which case that itself is an identifier you can't easily rotate.
Better is to use zero-knowledge cryptography to prove that you have a real ID's private key in your possession. Leaking the private key would be the same as giving away your real identity. Now you could make a proxy service that generates the proofs for money without it being traced back to you - but maybe a countermeasure to limit but not eradicate abuse would be for the protocol to include a proof you haven't used the same real identity to prove your age on that service in at least x days (that does mean you could be tracked for x days until you prove your age under another pseudonym).