Implement heir system #6

New issue

Open

opened 2024-06-30 17:56:43 +00:00 by sofia · 0 comments

sofia commented 2024-06-30 17:56:43 +00:00

Owner

Copy link

Currently, there is no heir system in place. Users can add heirs, but that information is not used for anything.

The heir system should work as follows:

1. A user adds heirs that can request access to their memories.
2. If something happens to the user (see the rationale at the README), heirs can request access to the user's data.
3. The user is informed and given a period of time to stop the account transfer.
4. Once that period is over, the account of the user is given new credentials linked to the heir.
5. The heir can log-in with those credentials and access a read-only version of the user's memories.
6. If the user ever signs-in using their original credentials, the account transfer is undone and a message is automatically sent to the instance staff.
7. The staff will determine if the account was accessed by mistake or if any abuse has taken place.
8. If abuse has taken place, the staff will inform the user and any interested parties.

In order for this to work properly, we need to implement and e-mail verification system (#1) and strong abuse prevention (#4).

Open questions

• Should the staff be involved in the transfer process?
  • If so, should any documentation be requested before completing the transfer process?
• How can the staff determine abuse once a user whose account has been transferred signs-in?
• Should the transferred account be read-only? Could the memories created after the transfer be stored in another section instead of not at all?
  • Further research needs to be done to determine the use-case, benefits, and drawbacks of each option.

Currently, there is no heir system in place. Users can add heirs, but that information is not used for anything. The heir system should work as follows: 1. A user adds heirs that can request access to their memories. 2. If something happens to the user (see the rationale at the README), heirs can request access to the user's data. 3. The user is informed and given a period of time to stop the account transfer. 4. Once that period is over, the account of the user is given new credentials linked to the heir. 5. The heir can log-in with those credentials and access a read-only version of the user's memories. 6. If the user ever signs-in using their original credentials, the account transfer is undone and a message is automatically sent to the instance staff. 7. The staff will determine if the account was accessed by mistake or if any abuse has taken place. 8. If abuse has taken place, the staff will inform the user and any interested parties. In order for this to work properly, we need to implement and e-mail verification system (#1) and strong abuse prevention (#4). **Open questions** - [ ] Should the staff be involved in the transfer process? - [ ] If so, should any documentation be requested before completing the transfer process? - [ ] How can the staff determine abuse once a user whose account has been transferred signs-in? - [ ] Should the transferred account be read-only? Could the memories created after the transfer be stored in another _section_ instead of _not at all_? - Further research needs to be done to determine the use-case, benefits, and drawbacks of each option.

sofia added this to the First stable (v1) milestone 2024-06-30 17:56:43 +00:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

No results found.

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

First stable (v1)

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: sofia/identity#6

No description provided.