Move to a model where names are stored publicly as HASH + SALT #118

Open
rahulgi opened this issue Sep 29, 2018 · 3 comments

rahulgi commented Sep 29, 2018

While this does not prevent a determined attacker from unmasking a given user, it does prevent the entire user graph from being revealed trivially.

Added by Omar:
Context: Trying to see if there's a way we can a) make Raha a bit more private by not associating names with accounts/balances in the blockchain publicly; while b) not storing that information privately within Raha servers specifically, effectively centralizing this aspect of identity. If we stored hashes and third party verifiers could check, for instance, a government ID's name against a hashed name rather than the real one, maybe you can get some amount of pseudo-anonymity while still creating a network of trust.

But as mentioned in the comments below, this idea is probably pretty flawed.

The question ultimately is, what's more important—privacy or decentralization? Or is there a scheme such that we can have both?

osdiab commented Sep 29, 2018

That said, it may be easier to reveal segments of the graph easily because names don't have a great deal of variety, not relative to strong passwords, which are the intended protection of hashes and salts in case of database intrusion usually. For example, you find one person, then maybe you can find their family based on the connection of them and keeping the same family name + same heritage of names in your search space.

osdiab commented Sep 29, 2018

Made even worse if you have some idea of who it is you might be targeting, like if you're trying to unveil wealthy accounts and you have an inkling who it might belong to.

That said, it is not something like a password you're unveiling, but the security we're offering in a system like this is likely fairly weak.
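
Added example, not part of the original thread and not Raha's code: a sketch of the concern raised in the two comments above, assuming a hypothetical record format of SHA-256(salt || name) with the salt published next to the hash. The account ids, names and candidate list are constructed for illustration.

```python
import hashlib
import os

def name_commitment(name: str, salt: bytes) -> str:
    # Assumed format (not Raha's): SHA-256 over salt || normalized name.
    normalized = " ".join(name.lower().split())
    return hashlib.sha256(salt + normalized.encode("utf-8")).hexdigest()

def make_record(account: str, name: str) -> dict:
    # Each account gets its own random salt, stored publicly with the hash.
    salt = os.urandom(16)
    return {"account": account, "salt": salt.hex(),
            "hash": name_commitment(name, salt)}

def verifier_check(record: dict, claimed_name: str) -> bool:
    # What a third-party verifier does with the name read from an ID.
    salt = bytes.fromhex(record["salt"])
    return name_commitment(claimed_name, salt) == record["hash"]

def names_matching(records: list, candidates: list) -> dict:
    # The same check works for any guess, so privacy rests only on how
    # many plausible names exist: cost is len(records) * len(candidates).
    found = {}
    for record in records:
        for candidate in candidates:
            if verifier_check(record, candidate):
                found[record["account"]] = candidate
                break
    return found

# Constructed sample data: two accounts share a family name, one account
# uses a name that is not in the candidate list.
SAMPLE_RECORDS = [
    make_record("acct-1", "Alice Example"),
    make_record("acct-2", "Bob Example"),
    make_record("acct-3", "Quillon Vantrasque"),
]
GIVEN = ["alice", "bob", "carol"]
FAMILY = ["example", "sample"]
CANDIDATES = [f"{g} {f}" for g in GIVEN for f in FAMILY]

if __name__ == "__main__":
    print(names_matching(SAMPLE_RECORDS, CANDIDATES))
    print("hashes computed at most:", len(SAMPLE_RECORDS) * len(CANDIDATES))
```

Per-account salts rule out a single precomputed table covering every account, but not this per-record loop, and a slower hash would only multiply its cost by a constant.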

osdiab commented Sep 29, 2018

@tinaroh relevant to ways of making Raha more private.
