[Feature Request] Direct exchange of identities and ephemeral keys via QR codes

[generalmanager]

I would really like to be able to directly exchage the identity keys and ephemeral keys with QR codes. We could of course simplify this by only exchanging the identity keys and doing all the DH fun over the network. And we already have the whole identity scan option setup.

This way we can exchange TS contacts without having to type phone numbers (like animals :D) But more importantly we also verified the identity in the same step.

At this point there is one problem tough: We don't have a way to insert the contact into the Android contacts yet. As far as I can see there two ways we can take:

• We can use this as a way to exchange TS IDs without telling someone our phone number. To do so we would have to add TextSecure accounts to Android. Afterwards we can add contacts with those accounts, which just have the identity key. But this needs another permission - from what I heard from moxie, we should wait some time before introducing new ones.
• We can ask the server to hand us the phone number (or email / the other fun stuff from #1085 if that ever gets implemented), which we then add as a normal contact. This would probably call for some slight modifications to the server tough.

What's your comments, ideas, criticism? Hit me ;-)

[strugee]

We can ask the server to hand us the phone number (or email / the other fun stuff from #1085 if that ever gets implemented), which we then add as a normal contact. This would probably call for some slight modifications to the server tough.

I don't know a huge amount about the Signal server, but AFAIK, this can't be done. This is because the phone numbers are hashed before being uploaded to the server, so you can get a key from a phone number (hash) but not the other way around. This is for privacy reasons. If someone who actually works on the server wants to correct me, feel free.

[automated-signal]

GitHub Issue Cleanup: See #7598 for more information.