%z56u/Toa0PVFvxx5Qjve0g0kQD6oHo7PSSTcxvTh3Ck=.sha256Empowered Covens a.k.a. Safety Teams
n.b. I have borrowed the term Safety Teams from Tiara
forking and copying from another thread:
Does focusing on the theft scenario narrow to some degree the whole focus of dark-crystal from generalized secret sharing to the more specific function of sharing ssb identity secrets? This whole question of deprecating an identity applies to ssb secrets, but not to other secrets you might use dark-crystal to shard out.
@kieran: "It does to a degree. I think in order to deal with
theftproperly, we either think about a trust declaration system or we forward all shards (I think @dan this is what you were saying here?).With a trust declaration approach, Alice says to @bob that @alice is no longer Alice, Alice is in fact @newalice. @bob verifies with Alice out-of-band that Alice and @newalice are actually the same person, then @bob declares to others that @alice is not Alice, Alice is actually @newalice. The other shard custodians do the same, creating a consensus within Alice's trusted circle that @alice is in fact a thief, meaning those custodians will no longer send back shards to @alice (and the UI can disable this completely). This is particularly relevant in the case of say cryptocurrency private keys. For example, @newalice has recovered her SSB identity from @bob + 2 other custodians. But hasn't recovered the shards for other secrets. @newalice might want to reevaluate, get all those shards sent back at once, move funds out of all wallets into new addresses (i.e. generate new keys) and create a new dark crystal for each. Or @newalice can declare to her trusted peers just not to send @alice any shards. Both are an approach. The
Forward Allis the safer option IMO. Perhaps thats what we should think about now. Perhaps later we can think about a trust declaration system."