mixmix
commented
4 years ago cc @keks @cryptix
Closed mixmix closed 4 years ago
mixmix
commented
4 years ago cc @keks @cryptix
cryptix
commented
4 years ago Interesting solution. But just to confirm my understanding: If I don't backup those, I loose access to my DMs, right?
I guess I could potentially send those to a separate group, that only my devices use, to restore the original/legacy behavior of just needing my secret to restore from the network.
mixmix
commented
4 years ago correct, it's an off-chain key.
Note that the creator of a group also starts out with an off-chain key .. and because they don't add themselves or DM themselves if they lose that group key in the current spec they can't access the group again
mixmix
commented
4 years ago Yeah I think we're moving to a future where the secret is just used for signing. We can always make a file that's maintained called big-bag-o-keys.json to make it easy for people to backup / steal keys again :laughing:
mixmix
commented
4 years ago I'm gonna merge this!
This is a scheme discussed with Keks for how to send DMs which you know how to read.
Problem: ideally want to have recps like
[ @mix , @keks , @cryptix ]For mapping those ids to keys for enveloping, we have a dh based scheme for foreign keys, but had previously blocked doing the same for our own keys asserting that "you should just use a personal group if you want to send to yourself". This has problems though, as it would leak tangles data about your personal group to keks + cryptex (as we don't currently cloak tangle data).
Solution : add a new scheme which is just a key you hold locally for messages encrypted to self. See READMEs for more detail