The following is an invited publication and opinion of Evin McMullen, co -founder and CEO of Billions.network.
Zk will not save us: why digital identity must remain plural
The identity wrapped in zero knowledge (ZK) was praised as a silver bullet to solve everything about presenting online, providing a verifiable personality test and that presents privacy without the need to trust governments, platforms or biometric databases.
But as the founder of Ethereum, Vitalik Bugerin, he argued in June, the encryption alone cannot fix the coercion “at the architecture level”. When the identity becomes rigid, centralized and of a single stature, pseudonymy dies and coercion becomes inevitable.
The elevated vitalik risks in their recent publication are not only theoretical. They are the inevitable result of systems that try to impose a unique and fixed identity on a pluralistic internet. An account per person sounds fair, until it becomes mandatory. Add ZK tests to the mixture, and all it has done is to encrypt the shackles.
Digital identity is becoming an important issue for governments, as evidenced by the G7 in service of a report last year to inform the policy, and the EU summit in Berlin in June to evaluate its regulatory framework for electronic identities and trust services.
ZK’s limits alone
Zero knowledge tests allow users to prove the statements (age, residence, singularity) without revealing underlying personal data through the use of cryptographic methods. It is like showing a sealed envelope that everyone can confirm contains the correct answer, without anyone opening it. In theory, this should support privacy. But as Vitalik argues rightly, the problem is not what the tests are hidden, but what the system assumes.
Most ZK-ID schemes depend on a central design principle: an identity per person. That could make sense to vote or prevent bots. But in real life, people operate in many social contexts (work, family, online, etc.) that are not perfectly assigned to a single identification. Make a person’s model, an ID, even with ZK wrappers, create a fragile system that is easy to assemble.
In such a system, coercion becomes a trivial matter. Employers, governments or applications may demand that a user reveal all their linked identities. The pseudonym becomes impossible, especially when the IDs are reused in all applications or anchored to immutable credentials. Even the illusion of the lack of innumerability decomposes under the pressure of automatic learning, correlation attacks or good power to the old.
What began as a privacy tool becomes surveillance infrastructure, but with a more pleasant interface.
Identity is not the problem; The uniformity is
Systems wrapped in ZK do not fail because ZK is defective; They fail because the surrounding architecture clings to an outdated concept of identity that is unique, static and centralized. This is not how humans operate, and it is not how the Internet works.
The alternative is pluralism. Instead of a global identification that follows it everywhere, imagine a model in which each application, platform or community, probably human and reliable, appears differently, but contextually unique. Its credentials are local, not universal. You are verifiable without being traceable. And no one, not even you, can be forced to reveal everything about you.
This is not a fantasy. It is already working.
The DIDS profile and the case of context -based identity
An approach that is already in production uses decentralized identifiers (DIDS) by application so that even coludance platforms cannot link people of a user.
It is a structural solution, not only cryptographic. Instead of building global records that link people to a single identity, we can anchor confidence in pluralistic models with decentralized reputation graphics, selective dissemination, non -attached credentials and ZK tests that impose contextual verification instead of static identifiers.
This system is already used by more than 9,000 projects, including Tiktok and Deutsche Bank. And it’s not just for humans. The same framework promotes the Deptust Initiative of billions of networks, which extends the identity and reputation verifiable to AI agents, a need on the Internet increasingly made up of autonomous systems.
Do not fight for better locks vigilance
Some see identity as a necessary evil, a way to avoid erroneous information or spam. But good identity design does not require surveillance. It only requires context.
We do not need an identification to govern them all. We need systems that allow people to prove what is needed, when necessary, without converting each interaction into a permanent record. Do you want to show that you are not a bot? Good. Test singularity. Do you want to show that you are over 18 years old? Excellent. Do it without delivering your date of birth, postal code and biometric template.
Crucially, we must resist the impulse to equate compliance with centralization. Systems that use coercive biometry, rigid records or global databases to enforce identity may seem efficient. But they introduce potentially catastrophic risks: irreversible violations, discrimination, exclusion and even geopolitical misuse. Biometric data cannot be rotated. Static identifications cannot be revoked. Centralized models cannot be done insurance; They can only become obsolete.
Vitalik is right, but the future is here
The Vitalik essay warns about a future where identity systems, even when they are based on the best cryptography, accidentally strengthen the same damage that they set out to prevent. We share that concern. But we also believe that there is a path to follow: one that does not commit to privacy, applies uniformity or turns people into nodes into a global registry.
That path is pluralistic and decentralized, and is already live.
Let’s not waste our best cryptographic tools to defend broken ideas. Instead, we build the systems that coincide with the way people really live and how we want the Internet to work.
The future of digital identity does not need to be universal. It simply needs human being.