Once a stay has been booked, it may be desirable to collect personal information for regulatory reasons, or simply to e-mail a copy of the booking confirmation.
Solution
Send the personal information encrypted with the service provider's bidder EOA public key via waku. This ensures that the data remains encrypted, end to end, directed to the service provider.
[x] #88
[x] #90
[ ] Storyboard collection flow in stays
[ ] #91
[ ] Implement PIIE protocol in lpms-server
[ ] Implement PIIE protocol in stays dapp
Alternatives considered
Using the stays dapp automatically send an e-mail: this requires exposure of an API key for e-mail sending which is open to abuse, or obscure CORS policy security requirements, complicating matters.
Other considerations
[ ] Consider zk routines to allow proving of personal data being sent. If it's a condition of fare that the personal data is sent, if this is secured just between two parties, it's impossible to prove the sending, or that the other party received, the personal information.
xdaluca
commented
2 years ago
Problem
Once a
stayhas been booked, it may be desirable to collect personal information for regulatory reasons, or simply to e-mail a copy of the booking confirmation.Solution
Send the personal information encrypted with the service provider's
bidderEOA public key viawaku. This ensures that the data remains encrypted, end to end, directed to the service provider.staysPIIEprotocol inlpms-serverPIIEprotocol instaysdappAlternatives considered
staysdapp automatically send an e-mail: this requires exposure of an API key for e-mail sending which is open to abuse, or obscureCORSpolicy security requirements, complicating matters.Other considerations