1. Imagine what the protocol would look like without privacy (zk allows you to “sign” a computation, so just do the computation in the clear)
2. Imagine what the protocol would look like by revealing a hash of the passport only (the idea of a “nullifier”, a unique identifier that hides the data and and can be revealed to prevent replays)
The first one should already answer your question: the way you would prevent replays or portability (I use your proof) is to attach some sort of session context to your proof
1. Imagine what the protocol would look like without privacy (zk allows you to “sign” a computation, so just do the computation in the clear)
2. Imagine what the protocol would look like by revealing a hash of the passport only (the idea of a “nullifier”, a unique identifier that hides the data and and can be revealed to prevent replays)
The first one should already answer your question: the way you would prevent replays or portability (I use your proof) is to attach some sort of session context to your proof