The EU Digital Identity Wallet fails to meet its claimed privacy properties.

The EU digital ID wallet can't deliver the privacy properties it claims L: https://github.com/eu-digital-identity-wallet/av-doc-technical-specification/issues/26 C: https://news.ycombinator.com/item?id=47824038 posted on 2026.04.19 at 09:08:06 (c=0, p=7)

The EU digital ID wallet can't deliver the privacy properties it claims ---- - 41 minutes ago | 11 points | 0 comments - URL: https://github.com/eu-digital-identity-wallet/av-doc-technical-specification/issues/26 - Discussions: https://news.ycombinator.com/item?id=47824038 - Summary: A GitHub issue proposes three security and privacy improvements to the EU Digital Identity Wallet's age verification specification. First, Section 4.3 should explicitly prohibit Attestation Providers from including trackable data in Proof of Age attestations that could compromise unlinkability when the portrait attribute is not transmitted, while clarifying that Section 4.1.1 defines the maximum allowed attribute set. Second, Section 4.3 should mandate that Attestation Providers delete associations between issued attestations and requesting users immediately after transmission to the wallet, reducing collusion risks until Zero-Knowledge Proofs (ZKPs) become mandatory. Third, Section 4.4 should require Relying Parties to delete attestations after user sessions end. The author notes that mandatory ZKP presentation using BBS or mdoc-based methods would fundamentally resolve the storage and collusion concerns.

The EU digital ID wallet can't deliver the privacy properties it claims https://github.com/eu-digital-identity-wallet/av-doc-technical-specification/issues/26 #eu #github

The EU digital ID wallet can't deliver the privacy properties it claims - https://github.com/eu-digital-identity-wallet/av-doc-technical-specification/issues/26 #hackernews