staltz
commented
1 year ago The intention was to gradually move away from content.recps and prefer recps because actually I'm wrong, shit, I thought that was how it worked. I guess we need to prefer content.recps ends up getting deleted from contentcontent.recps because that's how other peers get to know who are the participants in a box1 private chat. :cringe:
So yes, somewhat footguny.
the
create()method uses this to pick the recps for encryptionhttps://github.com/ssbc/ssb-db2/blob/master/core.js#L663
The docs don't mention which wins if both set. Also this code allows both the be set, and for a message to be encrypted to different people than it advertises to.
I'm not sure if this is a footgun... my gut tells me you should never have them be different