They note that existing age verification setups largely either rely on providing ID, or on a combination of manual and automated behavior profiling (face recognition, text classification, reports from other users), both of which have obvious privacy and/or accuracy issues. The "double-blind tokens" point to a summary by LINC explaining how they _could_ be implemented with zero-knowledge proofs, but I could not find an article or a practical implementation (could just be a mistake on my part, admittedly)

At _best_ you end up with a solution in the vein of Privacy Pass - https://petsymposium.org/popets/2018/popets-2018-0026.pdf - but that requires a browser extension, a functioning digital ID solution you can build on top of, and buy-in from the websites. Personally, I also suspect the strongest sign a company is going to screw up the cryptographic side of it is if they agree to implement it...