Hacker News new | past | comments | ask | show | jobs | submit login

This is smarter than what I was imagining.

So I come up with a username, on my client side it is hashed and Signal's kv store is checked to make sure no one claimed the hash yet.

Next I tell the username to my peer via some other secure channel or IRL and their client sends the hashed username to this kv store to do the usual things.

I guess the hash still points at the phone number behind the scenes though?




> I guess the hash still points at the phone number behind the scenes though?

AFAIK, from the article, yes. But, you can create/delete that hash->phone mapping at will.

Hence the recommendation to just create when required, or frequently change them if you're concerned.

Or, use the QR code/link generation too. Those work the same way.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: