Age verification introduces new components into the Trusted Computing Base:
- identity parsing logic
- storage of sensitive user attributes
- verification pathways (local or remote)
- policy enforcement layers
This results in:
- increased TCB size
- reduced auditability
- higher probability of critical vulnerabilities
ChrysalisOS maintains a minimal TCB by design. Age verification directly violates this constraint.
Age verification requires binding:
user ↔ identity ↔ system state
This breaks:
- stateless execution assumptions
- user anonymity guarantees
- process isolation neutrality
Once identity is introduced, the OS becomes:
a stateful identity system rather than a computation platform
ChrysalisOS explicitly rejects identity coupling.
Adding age verification introduces multiple new attack vectors:
- privilege escalation via age bypass
- tampering with stored attributes
- memory corruption in parsing logic
- MITM on verification endpoints
- replay attacks on verification tokens
- service spoofing
- corruption of stored identity data
- rollback attacks
Each of these expands the exploitable surface of the system.
A deterministic OS guarantees:
- same input → same output
- predictable execution paths
Age verification introduces:
- conditional execution based on user attributes
- environment-dependent policy branches
- external dependencies (verification services)
This results in:
non-deterministic system behavior
ChrysalisOS enforces determinism as a core invariant.
Age verification systems depend on:
- third-party services
- government-issued identity
- remote validation infrastructure
This creates:
- hard external dependencies
- failure modes outside system control
- potential censorship vectors
ChrysalisOS avoids all external trust anchors.
Implementations often rely on the following for identity storage and attestation:
- TPM (Trusted Platform Module)
- Secure Enclave / TrustZone
This leads to:
- opaque execution environments
- unverifiable code paths
- vendor lock-in
- reduced system transparency
ChrysalisOS does not rely on opaque hardware trust layers.
ChrysalisOS follows a capability-based model:
process → explicit capabilities → resource access
Age verification introduces implicit global state:
user_age → affects all processes
This breaks:
- explicit authority transfer
- capability isolation
- least-privilege guarantees
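The contrast between explicit capabilities and an implicit global attribute, sketched in C as an added example. This is not ChrysalisOS source: `process_t`, `capability_t`, `cap_check`, `cap_grant`, `ambient_check` and `g_user_age` are hypothetical names, and the object id and age threshold are constructed values.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical types for illustration; not ChrysalisOS source. */
enum { RIGHT_READ = 1u << 0, RIGHT_WRITE = 1u << 1 };
#define MAX_CAPS 8
typedef struct {
    uint32_t object_id;   /* resource this capability designates */
    uint32_t rights;      /* rights explicitly granted */
    bool     valid;
} capability_t;
typedef struct { capability_t caps[MAX_CAPS]; } process_t; /* a process's entire authority */

/* Capability model: the decision depends only on what the caller holds. */
bool cap_check(const process_t *p, size_t slot, uint32_t object_id, uint32_t want)
{
    if (p == NULL || slot >= MAX_CAPS) return false;
    const capability_t *c = &p->caps[slot];
    return c->valid && c->object_id == object_id && (c->rights & want) == want;
}

/* Explicit authority transfer: the receiver gets a subset of rights, never more. */
bool cap_grant(const process_t *from, size_t src, process_t *to, size_t dst, uint32_t rights)
{
    if (from == NULL || to == NULL || src >= MAX_CAPS || dst >= MAX_CAPS) return false;
    const capability_t *c = &from->caps[src];
    if (!c->valid || (c->rights & rights) != rights) return false;
    to->caps[dst] = (capability_t){ c->object_id, rights, true };
    return true;
}

/* Ambient model: a global attribute (stand-in for user_age) no process was handed. */
static int g_user_age = 0;
void set_user_age(int age) { g_user_age = age; }

bool ambient_check(const process_t *p, size_t slot, uint32_t object_id, uint32_t want, int min_age)
{
    /* Same arguments can give different answers depending on hidden state. */
    return g_user_age >= min_age && cap_check(p, slot, object_id, want);
}

int main(void)
{
    process_t a = {0};
    a.caps[0] = (capability_t){ 42, RIGHT_READ, true };
    bool before = ambient_check(&a, 0, 42, RIGHT_READ, 18);  /* global age is 0 */
    set_user_age(18);                                        /* unrelated global write */
    return (before != ambient_check(&a, 0, 42, RIGHT_READ, 18)) ? 0 : 1;
}
```

`cap_check` is a pure function of its arguments, so it can be audited and replayed in isolation; `ambient_check` cannot, because its result changes with a write that never passed through the caller's capability table.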
Age-related data is:
- sensitive
- long-lived
- difficult to revoke
Risks include:
- data leaks
- forensic recovery
- unintended propagation
ChrysalisOS avoids persistent sensitive metadata at OS level.
Age verification does not guarantee:
- real identity correctness
- prevention of misuse
- effective enforcement
Instead, it creates:
- bypassable mechanisms
- false sense of safety
- increased system complexity
From a systems engineering perspective, age verification:
- increases complexity
- weakens security
- violates minimalism
- breaks determinism
- expands attack surface
Therefore:
Age verification is incompatible with the architecture and goals of ChrysalisOS.
No identity in the kernel. No policy in the execution layer. No expansion of the trusted base.