proofcarryingdata / zupass

Zuzalu Passport
GNU General Public License v3.0

[idea] Add `numTimesResetAccount` field to ticket #614

Closed rrrliu closed 1 year ago

rrrliu commented 1 year ago

Still in proposal stage, pending decision vs. a generic account reset rate limit or other methods.

Add a new field `numTimesResetAccount` to the `EdDSATicket` that represents the number of times a user has currently reset their account. This field will also be added as an option on the `ZkEdDSATicket` under the `fieldsToReveal` argument. As a result, application developers are able to request a proof that reveals this `accountResetNonce` and then rate-limit that user depending on what the `accountResetNonce` is.

At the data storage level, it would likely be stored as an integer column `numTimesResetAccount` in `devconnect_pretix_tickets` that is initialized to 0. Every time a certain user goes through account reset, all tickets corresponding to that ticket in the `devconnect_pretix_tickets` table would have their `numTimesResetAccount` value incremented by one.

artwyman commented 1 year ago

Can you flesh out what the accountResetNonce is, and how it would be used? You say it "represents the number of times". Is it literally a counter of resets? Is it a random value generated at reset time? Does it have other cryptographic properties?

rrrliu commented 1 year ago

Sorry, nonce is an overloaded term. It's a counter per `devconnect_pretix_ticket` that starts at 0 and is incremented every time a particular email goes through the account reset flow. Updated the description above @artwyman

rrrliu commented 1 year ago

Subsumed in #630