High tech solution to low tech problem

[richtier]

Nice project, but the real workaround lies in social engineering, not tech. Looking at the UK rules, specifically at point 2.

On Wednesday 15 December, the coronavirus (COVID-19) rules for visiting certain venues and events will change. To enter certain venues and events in England you must have proof of one of the following:

1. you are vaccinated with 2 doses of an approved vaccine (or one of the single-dose Janssen vaccine) – we will keep this under review as boosters are rolled out

2. you have completed a negative PCR test or negative rapid lateral flow test within the past 48 hours

3. you are exempt from vaccination or vaccination and testing on the basis of a medical exemption or clinical trial participation

This repo covers the first point partially, but is blocked by the near impossibility of getting valid private key, and the near certainty that they will change the secret keys if one is leaked. In fact updating the secret keys is baked right into the NHS app.

But point 2 shows the rules are so easy to circumvent it's laughable: what is to stop someone doing a lateral flow test and then pocketing it and presenting that at every venue? Nothing. A single negative lateral flow test IS as good as a vaccine passport. I loosely consider this social engineering.

[royarisse]

Where for the UK this might be a valid way around the rules, here in The Netherlands (and most other EU countries) you need to show a valid Domestic Greenpass (QR) to be able to enter non-essential venues and events.

Apart from that, I do like your way of thinking! I'd say we need to get real smart if we want to get rid of this QR madness :)