oxen-io / session-desktop

Session Desktop - Onion routing based messenger
https://getsession.org
GNU General Public License v3.0

[Feature] "ban-phrase" #2934

Open qdhj opened 9 months ago

qdhj commented 9 months ago

Is there an existing request for feature?

What feature would you like?

A pretty interesting feature: a "ban phrase". It is a second seed code; inputting it will not restore, but completely delete, your Session account and all the dialogs.

Not a very important feature, but a useful one, if implementing it is easy.

Anything else?

No response

beantaco commented 8 months ago

What is the use case for a ban phrase?

I imagine something like a revocation code/certificate that, when published, blocks all communications to/from a Session ID, which could be useful if a user's Session account is hacked to stop it from working (to stop impersonation), but is this what you have in mind?

However, assuming the above, I wonder about the following about revoking Session IDs.

Overall, I don't think it's a good idea. Perhaps other communication channels should be used by a compromised account user to alert their contacts about their compromised Session ID.

ViktorWalter commented 8 months ago

One use-case I can imagine is if the user is being coerced or forced to reveal access to their account. By providing the "ban-phrase" instead of the correct one, the system would automatically erase the sensitive data in question to protect the user. But I'd imagine that for many this use-case might seem too extreme.

qdhj commented 8 months ago

> What is the use case for a ban phrase?

I could be a journalist (or a political activist, or gay in a country where being gay is forbidden, etc.) who could be forced by, for example, the government to reveal my Session mnemonic seed, so all dialogs for the last month could be restored. In case resisting is hard and dangerous (perhaps I could be tortured for that), I could pretend that I'm ready to cooperate, but reveal to them the wrong mnemonic seed (both could be stored, e.g., in my password manager under different names).