> it's needing to submit a selfie and ID photo to be verified, saved, and permanently bound to your every single action online.
And leaked every 6 months, now including your ID photos and real name instead of an internet pseudonym, and lots of other sweet details that make extortion schemes a child's play
It would be cool if the post office could issue you an ID card, but for a pseudonym of your own choosing, so that when the data leaks, you can just trash it and get a new one. You could just show the dude at the post office your real id and he can check the age, but not actually write it down or link the two identities digitally.
Even cooler would be if you create a different identity for each service so when they do leak, you know who leaked it. My first id would be for John Facebook Doe.
> but not actually write it down or link the two identities digitally
What is to stop you just selling the ID card with zero consequences? Unless it has a photo on it of course, in which case that itself is an identifier you can't easily rotate.
Better is to use zero-knowledge cryptography to prove that you have a real ID's private key in your possession. Leaking the private key would be the same as giving away your real identity. Now you could make a proxy service that generates the proofs for money without it being traced back to you - but maybe a countermeasure to limit but not eradicate abuse would be for the protocol to include a proof you haven't used the same real identity to prove your age on that service in at least x days (that does mean you could be tracked for x days until you prove your age under another pseudonym).
And leaked every 6 months, now including your ID photos and real name instead of an internet pseudonym, and lots of other sweet details that make extortion schemes a child's play