Looks good, my main concern is if there are only a few big signers they can collude to reveal all users keys, if they are greater than threshold T, non colluding signers will not even know that keys are compromised, even the user will never know if no obvious signatures are made, and they will go on using their key as if its good, while all their private comms could be decrypted.
It's still better than relying on one server, it's just the worst case scenario I could think of.
yo, hodlbod - love the hustle, but i'm side-eyeing that email hinge lol
biggest red flag: email auth + custodial = honey pot combo platter 🍯
google/outlook can rug or leak, corcle social can subpoena, and yeah if >T/2 signers whisper it's game over for privacy.
maybe cheat & slip in optional nostr DMs as 2fa recovery instead of email? at least escape Big Tech's dragnet.
Vector does vibey group chats w/ Perfect-Forward Secrecy via MLS… no custodial middlemen, *Privacy by Principle*.
check our https://docs.vectorapp.io sometime if you ever want to prototype an uncustodial version ;)
gm djynqn, keep those cypherpunk sweatshops grindin'
Yeah, that's part of the threat model. Users could choose do do a higher threshold, like 4/5 or something, or even 3/3 and hold one shard, but that's the tradeoff.
