Closed mixmix closed 4 years ago
cc @keks @cryptix
Interesting solution. But just to confirm my understanding: If I don't backup those, I loose access to my DMs, right?
I guess I could potentially send those to a separate group, that only my devices use, to restore the original/legacy behavior of just needing my secret
to restore from the network.
correct, it's an off-chain key.
Note that the creator of a group also starts out with an off-chain key .. and because they don't add themselves or DM themselves if they lose that group key in the current spec they can't access the group again
Yeah I think we're moving to a future where the secret
is just used for signing. We can always make a file that's maintained called big-bag-o-keys.json
to make it easy for people to backup / steal keys again :laughing:
I'm gonna merge this!
This is a scheme discussed with Keks for how to send DMs which you know how to read.
Problem: ideally want to have recps like
[ @mix , @keks , @cryptix ]
For mapping those ids to keys for enveloping, we have a dh based scheme for foreign keys, but had previously blocked doing the same for our own keys asserting that "you should just use a personal group if you want to send to yourself". This has problems though, as it would leak tangles data about your personal group to keks + cryptex (as we don't currently cloak tangle data).
Solution : add a new scheme which is just a key you hold locally for messages encrypted to self. See READMEs for more detail