Can you model the flow of the attack you want to mount here?
replyIs it the following:
Issuer revokes the wallet of Alice and then publicly says “This ID is Alice btw” and then verifiers can check their lists to see whether any of their received signatures are revoked (in which case they must be Alice)
The EU's own experts have modeled it. At least that's my understanding of what they are saying in their "Privacy risks and mitigation" document [1].
replySection 5 mentions that this issue could be mitigated at some point in the future by using ZKPs, but here's what they're saying about the status of this ZKP integration:
"This topic will be revisited in Topic G to determine the foundational requirements needed for its future integration"
Doesn't sound like this will be implemented any time soon.
[1] https://eudi.dev/2.5.0/discussion-topics/a-privacy-risks-and...