dcrstakepool icon indicating copy to clipboard operation
dcrstakepool copied to clipboard

Published 20 hours ago verified publisher icon decred

privacy: Make email optional

Open xaur opened this issue 6 years ago • 2 comments

Only 20 stakepools know email addresses of people holding some 50% tickets. I don't know exact percentage, but it is big enough to be a concern.

Email is obsolete, legacy, ancient, anti-privacy comm system. It must not be a requirement for new systems built in 21 century to support the new decentralized finance.

Stakepools shall allow what I call "first party registration", where one is not forced into any 3rd party to sign up with a service. Let users have a choice on their account recovery.

Please add 'privacy' label. Similar to decred/politeia#554. Related to #259.

xaur avatar Nov 07 '18 16:11 xaur

I've thought about this a bit as well. Seems to me that you could make your wallet your key where you simply prove who you are via signature.

mverrilli avatar Nov 07 '18 22:11 mverrilli

Yes, that would be public key based authentication (#291). As I understand, developers avoid novel authentication schemes to cut costs on research and possible rabbit holes.

But that's not required to drop the dinosaur email requirement. Just allow to use login+password like in good old times.

xaur avatar Feb 10 '19 13:02 xaur