No, we most certainly should not! Zero knowledge proofs are not some magic privacy faerie dust that can be sprinkled around to provide any desired security property.
For this use ZKPs are trivially proxyable, and thus this type of system also requires additional security properties from treacherous computing [0] - specifically remote attestation which prevents your ability to run code of your choosing on your own device.
And Google (et al) are quite eager to supply this type of environment ("Safety" Net, WEI, etc). This is exactly why the new UK system requires the use of a locked down corpo-controlled phone, and why corpos are pushing this idea that there is a "secure" way this can be done.
Essentially they are advertising the cool privacy-preserving half of the system, without mentioning the necessary other half that destroys privacy and freedom.
[0] "trusted" computing in corpo speak. In other words, a crippled model of computing that the corpos can trust us to have.
Yes, you could use someone elses ID to access the porn.
That someone else could also sit next to you and press the button.
There is no solution that isn't 'proxyable' with the aid of the approved party. No solutions being considered are even particularly resistant to borrowing someone's ID or credit card, etc..
ZKP are no worse in this respect.
Adding treacherous computing doesn't improve any of them other than "approved software says its okay" is just a cheap (and fairly insecure!) way of implementing looksalike functionality to an actual cryptographic technique.
It's the old dynamic when customary things are made into digital systems, those digital sytems need to be perfect because exploiting the flaws is also made extremely efficient.
Someone else sitting next to you follows meatspace rules. They need to know a minor, be trusted enough to be reasonably left alone with said minor, and they will also be aware of possible legal consequences for facilitating a minor's access to porn. Society has been dealing with this for quite a long time.
This extends to directly using someone else's ID from behind a keyboard - whether they trust you (above scenario), or you've got remote access to their system (rare), or it's the type of ID that is copyable from data leaks (revokable, I guess). The barrier is still pretty high.
Whereas if parties are able to run any software of their choosing, the ZKP approach allows anybody on the Internet to decide to "help out" with minors viewing porn. Either for some ideological cause (which might not even be about helping 17 year olds access porn, but rather just about privacy with distrust of fancy crypto), or simply for money or other things of value.
The basic promised properties of the ZKP approach are that that the ID provider won't know what sites you're going to, and that sites won't be able to get your identity, right? The first one removes the downside to an individual creating extra credentials for others - they must just like porn sites more than the average person. And the second one makes it so abuse of issued proofs can't be traced back to the person granting use of their ID. So in real world usage, something has to give about this situation.
With the way the computing landscape is setup, that something is likely to be focusing on the ability to split the client into two parts being run by different parties. There are alternative responses, of course - one would be to gradually walk back the security provided by the ZKP, spilling more and more information to the site.
But treacherous computing (aka computational disenfranchisement) seems to be what people used to customary meatspace systems reflexively reach for when confronted with the frustrating realities of clients having computational freedom. And as I pointed out, the UK system is already demanding treacherous computing, and Google has already been pushing it for their own purposes.
The problem with ZKPs, especially for age verification in the US, is that it you obviously still need some digital identity to perform the proof against. That not only doesn't exist in the US, but introduces a sensitive identity that like any other can be leaked.
The same is true for cryptocurrency of course but that risk is implicit in holding a private key to spend in the first place.
If there is no provable link between the service and the identity, however, there isn't that much harm in the leak itself. It just becomes a list of names and ages which are a dime a dozen on the internet. Hell, if the identity service was the government itself then it would be entirely useless outside of getting a list of people who have a driver's license (is this public info already?)
In the Google and Apple systems you have to load your driver's license and all its contents and then your phone issues a proof of age. However a bug could leak the entire contents.
I'd prefer zkp if we're doing this at all, but I think you could go simpler still. Google is skipping it for accounts with an associated credit card, that would work in lots of sites really
https://blog.google/technology/safety-security/opening-up-ze...