Closed OR13 closed 4 years ago
Hyperledger Indy wallets (not mobile apps, but the storage containers underneath them) encrypt nearly all metadata by default; it is possible to erode this position slightly, but not in toto. See https://github.com/hyperledger/aries-rfcs/tree/master/concepts/0050-wallets#types-of-sovereign-data and also the "Tags and Queries" section just above that.
The reason we did this is that these containers are specialized to store data on the more sensitive side of the sensitivity spectrum. They're not for storing your cat photos.
Because EDVs aspire to store all data, the problem space is broader, and that creates more tensions. Having metadata be plaintext increase the options and decreases the complexity (and probably size and performance) of your indexing strategy, but it also lets configuration shoot the user in the foot when it's done unwisely. If it were me, I'd probably pick secure by default and side with Orie that the answer should be "no."
Closing we have reached consensus on this issue.
I suggest no:
https://www.theverge.com/2013/7/17/4517480/nsa-spying-prism-surveillance-cheat-sheet
Imagine if it didn't matter what they were forced to share by a NSL... because they couldn't see anything.