Protocole Sign et le coût caché de la sur-divulgation

Vaelion Arctis · 2026-03-19T18:58:02.000Z

Regarder le protocole Sign ce soir m'a fait réaliser combien nous sur-divulguons juste pour prouver quelque chose de simple. Vous savez comment chaque fois que vous prouvez quelque chose en ligne, comme un contrôle d'âge ou d'éligibilité, vous finissez par envoyer une copie de votre carte d'identité ou de votre passeport ? Nom, date de naissance, adresse, photo… tout va sur un site web ou une entreprise aléatoire. Un hack et votre identité entière est exposée pour toujours. C'est ça le vrai problème : sur-divulgation. Le protocole Sign redéfinit ce modèle. Au lieu de tout donner, vous ne partagez qu'une seule chose dont ils ont réellement besoin. Comme si un site avait juste besoin de savoir que vous avez plus de 18 ans, vous pouvez prouver « oui, plus de 18 » sans révéler votre date de naissance, votre nom ou quoi que ce soit d'autre.

Looking into Sign Protocol  this evening made me realize how much we over-disclose just to prove something simple.
You know how every time you prove something online, like an age check or eligibility, you end up sending your full ID card or passport scan? Name, date of birth, address, photo… everything goes to some random website or company. One hack and your entire identity is out there forever. That’s the real problem: over-disclosure.
Sign Protocol redefines that model.
Instead of giving everything, you only share the one thing they actually need. Like if a site just needs to know you’re over 18, you can prove “yes, over 18” without revealing your birthday, name, or anything else.
So how does that actually work?
In Sign Protocol, this is achieved using zero-knowledge proofs. They let you prove something is true without exposing the data behind it. The verifier gets confirmation, but not the underlying information.
In Sign Protocol, at the protocol level, this interaction is mediated through attestations.
In simple terms, a trusted issuer, such as an institution, an app, or any authority, creates a signed statement that confirms something about you, for example, that you meet a specific condition.
You keep this credential in your wallet. When a platform needs to verify it, you don’t share the full record. Instead, you generate a proof from it that confirms the claim without exposing unnecessary details.
What’s interesting is that these systems can be designed to be unlinkable, meaning different verifications don’t have to be tied together—reducing cross-platform tracking and making identity usage more private by design.
Also, instead of relying on one big centralized database storing everyone’s sensitive data, this model reduces dependence on centralized data honeypots, which are usually the biggest targets for hacks.
Even revocation is handled more carefully. If a credential becomes invalid, systems like this can support privacy-preserving revocation mechanisms, depending on how they’re implemented, so validity can change without exposing unnecessary details.
No more handing over your entire identity just to prove one small thing.
That’s what makes Sign Protocol compelling to me, it’s not just about identity, but about minimizing what actually needs to be revealed.
Honestly, this feels like a shift from “trust us with your data” to “prove it without giving it.”
Curious what you guys think, does this ZK-based selective disclosure model actually have a shot at going mainstream, or are we still early?
@SignOfficial  #SignDigitalSovereignInfra $EDGE $LYN $SIGN 
LYNUSDT
Perp
0.13185
+82.01%
SIGNUSDT
Perp
0.04535
+11.59%
EDGEUSDT
Perp
0.68
+97.10%
 

Sign Protocol and the Hidden Cost of Over-Disclosure