- From: Kim Hamilton <kimdhamilton@gmail.com>
- Date: Mon, 28 Jul 2025 20:27:23 +0000
- To: "Jaromil" <jaromil@dyne.org>
- Cc: public-credentials@w3.org
- Message-ID: <mdnk59f3.9bd4d651-0c58-46e3-9901-8b330030673e@we.are.superhuman.com>
Thank you for writing this up in a clear and accessible way.

On Fri, Jul 18, 2025 at 7:14 AM, Jaromil <jaromil@dyne.org> wrote:

> Dear colleagues,
>
> following up on the independent analysis of longfellow-zk I've shared in
> my previous email here, and on the GDC25 conference in Geneva where a
> European above-18 pilot was announced to use it, I'm now sharing with you
> my concerns on privacy issues related to the way zero-knowledge tech is
> integrated into wallets.
>
> https://news.dyne.org/privacy-in-eudi
>
> After talking to some policy experts and journalists about the issue I got
> the impression most of them tend to consider as privacy-preserving any
> setup somehow sporting the ZK feature.
>
> But as most of you probably know, especially those with a cybersecurity
> background, process isolation is a vital pattern to be applied to any
> sensitive data until (and during) it is properly anonymized.
>
> I've therefore taken some time during my holidays to write up the analysis
> linked above.
>
> Knowing that longfellow-zk is used through the Google Play API without any
> warranties of process isolation then the outcome will be, yes, a privacy
> shield against a number of threat scenarios involving issuers and
> verifiers, but no protection against OS manufacturers grabbing all that
> sensitive data before it is anonymized.
>
> I'm interested in your opinions here and will likely further discuss this
> in calls with Simone Onofri and other colleagues in the W3C SING.
>
> Ciao
>
> --
> jaromil.dyne.org (http://jaromil.dyne.org/)

Received on Monday, 28 July 2025 20:27:35 UTC