Linkdrop flow during Login

[ilblackdragon]

Currently Linkdrop would be used for creating accounts. At the same time, the app needs to know if user needs new account before creating linkdrop. But without targeting user to Wallet first, there is no way to identify this.

[kcole16]

We might be able to make some changes to the linkdrop contract to make this easier.

If we make balances reusable, allows Flux to send most users to wallet with a key e.g.

1. Flux sends me a key and I never use it (or already have an account, thus Wallet doesn't use it)
2. They send someone else a key without adding additional funds to the Linkdrop contract

This doesn't prevent spam/sybil attacks, but will at least cut a step out of the flow.

The alternative is pretty ugly:

• Redirect the user to the wallet
• See they have no account
• Redirect back to Flux to get a linkdrop key
• Redirect to wallet with key

And this is also in no way sybil resistant

cc @vgrichina

[vgrichina]

Agree that contract shouldn't be using up tokens that aren't claimed.

As for Sybil resistance – I think we have such options in short term:

• login with Google
• verify phone number when setting up account

[kcole16]

I’m not sure Sybil resistance on our side helps the app that much, as they’ll have already given the user a funded Linkdrop key

[vgrichina]

I’m not sure Sybil resistance on our side helps the app that much, as they’ll have already given the user a funded Linkdrop key

@kcole16 it's not like conditions for claiming Linkdrop are set in stone. We can require another signature by our backend if necessary.