Once a stay has been booked, it may be desirable to collect personal information for regulatory reasons, or simply to e-mail a copy of the booking confirmation.
Solution
Send the personal information encrypted with the service provider's bidder EOA public key via waku. This ensures that the data remains encrypted, end to end, directed to the service provider.
[x] #88
[x] #90
[ ] Storyboard collection flow in stays
[ ] #91
[ ] Implement PIIE protocol in lpms-server
[ ] Implement PIIE protocol in stays dapp
Alternatives considered
Using the stays dapp automatically send an e-mail: this requires exposure of an API key for e-mail sending which is open to abuse, or obscure CORS policy security requirements, complicating matters.
Other considerations
[ ] Consider zk routines to allow proving of personal data being sent. If it's a condition of fare that the personal data is sent, if this is secured just between two parties, it's impossible to prove the sending, or that the other party received, the personal information.
Problem
Once a
stay
has been booked, it may be desirable to collect personal information for regulatory reasons, or simply to e-mail a copy of the booking confirmation.Solution
Send the personal information encrypted with the service provider's
bidder
EOA public key viawaku
. This ensures that the data remains encrypted, end to end, directed to the service provider.stays
PIIE
protocol inlpms-server
PIIE
protocol instays
dappAlternatives considered
stays
dapp automatically send an e-mail: this requires exposure of an API key for e-mail sending which is open to abuse, or obscureCORS
policy security requirements, complicating matters.Other considerations