Let's assume that (1) KYC as-is is broken and a security risk due to potential data leakage and (2) dropping ID checks altogether is a nonstarter.

What's the solution?

I've seen a lot of hand-waivey "zk fixes this". Ok, how?

when using zk those support agents would not have access to passport pics etc, they would only have a proof which is returned in context data like confirming the person has access to the account, goes by the name on the account etc

product designer since 2018, farcaster DAU since 2023, aiming higher in a humane way

will they? it's hard to prove otherwise but the way it should work as far as I understand is that you'd sign in with your account (1) and second you'd upload a passport/selfie in an anonymous session which will generate proof that is sent while passport and details are not saved

but someone will have your info in their database even if it’s the company generating the zkp