Immediate Action to Protect Internet Identity w/ Seed Phrases

Here’s a situation that would give me pause about approving this proposal.

Let’s say I wrote down my seed phrase somewhere, and I lose it. I don’t know that it was destroyed, but I know that I lost it. If this proposal passes, I will have no way of generating another seed phrase, and if my seed phrase is found or stolen by someone else, they have access to my account. I will be worried for the rest of eternity that someone will find my seed phrase and do who knows what with it.

I think you may want to change the proposal to require that 2 access points must be used to create a new access point, reset a seed phrase, or delete any other points of access to an identity.

If the identity only has 1 access point (the user only has 1 key/device), then a single device can create new access points, reset the seed phrase, and perform all capabilities. Once there are 2 access points (not including the seed phrase), the user is required to use 2 access points for any of the create/reset/delete access point capabilities.

I’m thinking this would be like Internet Identity’s version of 2 Factor Auth.

A few examples:

  • I lose my seed phrase → (I can use two devices to reset it)
  • I lose all of my access points → (I can use my seed phrase to log in and create new access keys)
  • I had >= 2 access points and then lose my seed phrase and all of my access points but one → (You are SOL on creating new access points or resetting your seed phrase, but can still access your identity through this single point of access; better not lose this access point, buddy)

I think this does a good job of protecting identities that have done the legwork to create more than one access point into their identity, without screwing those of us who do a great job safeguarding all of our identity keys, but accidentally lose our seed phrase.
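The 2-of-N rule sketched in the post above, as an added executable model that is not Internet Identity’s code and not the poster’s. The `Identity` class, its method names and the `Denied` exception are assumptions made for illustration. One interpretation is also baked in: the seed phrase on its own always authorises recovery (matching the post’s second bullet), while devices are counted only once they are registered. The walkthrough function replays the three bullets plus the single-device bootstrap case, so the edge case in the third bullet (login still works, privileged operations do not) is exercised directly.

```python
"""Model of the proposed 2-of-N access-point rule for an identity.

Added example, not Internet Identity's own code. Identity, Denied and the
method names are assumptions for illustration; the seed phrase is treated
as a stand-alone recovery credential, as in the post's second bullet.
"""
from dataclasses import dataclass, field
from typing import Optional


class Denied(Exception):
    """Presented credentials do not satisfy the access-point rule."""


@dataclass
class Identity:
    devices: set = field(default_factory=set)   # registered access points
    seed_phrase: Optional[str] = None            # None = no seed phrase set

    def _quorum(self) -> int:
        # Proposed rule: while at most one device is registered, a single
        # device may do anything; once two or more exist, two are required.
        return 2 if len(self.devices) >= 2 else 1

    def _authorize_privileged(self, presented: set, seed: Optional[str]) -> None:
        # Seed phrase alone is the recovery path (assumption, see lead-in).
        if seed is not None and seed == self.seed_phrase:
            return
        held = presented & self.devices   # only registered devices count
        if len(held) < self._quorum():
            raise Denied(f"need {self._quorum()} registered device(s), have {len(held)}")

    def login(self, device: Optional[str] = None, seed: Optional[str] = None) -> bool:
        # Ordinary login: any one registered device, or the seed phrase.
        return device in self.devices or (seed is not None and seed == self.seed_phrase)

    def add_device(self, new: str, *, using=frozenset(), seed: Optional[str] = None) -> None:
        self._authorize_privileged(set(using), seed)
        self.devices.add(new)

    def remove_device(self, victim: str, *, using=frozenset(), seed: Optional[str] = None) -> None:
        self._authorize_privileged(set(using), seed)
        self.devices.discard(victim)

    def reset_seed_phrase(self, new_seed: str, *, using=frozenset(), seed: Optional[str] = None) -> None:
        self._authorize_privileged(set(using), seed)
        self.seed_phrase = new_seed


def walk_through_post_examples() -> dict:
    """Replay the post's bullets; returns which operations were allowed."""
    results = {}

    # Bullet 1: two devices, seed phrase lost -> reset it with both devices.
    idn = Identity({"laptop", "phone"}, "old seed")
    idn.reset_seed_phrase("new seed", using={"laptop", "phone"})
    results["reset_with_two_devices"] = idn.seed_phrase == "new seed"

    # Same identity: one device alone must not be able to reset it.
    try:
        idn.reset_seed_phrase("attacker seed", using={"laptop"})
        results["reset_with_one_device"] = True
    except Denied:
        results["reset_with_one_device"] = False

    # Bullet 2: all devices lost -> the seed phrase alone enrols a new one.
    idn = Identity({"laptop", "phone"}, "my seed")
    idn.add_device("new phone", seed="my seed")
    results["recover_with_seed"] = "new phone" in idn.devices

    # Bullet 3: had >= 2 devices, lost the seed phrase and all but one device:
    # login still works, but creating a new access point is refused.
    idn = Identity({"laptop", "phone"}, "lost seed")
    results["login_with_last_device"] = idn.login(device="laptop")
    try:
        idn.add_device("backup", using={"laptop"})
        results["add_with_last_device"] = True
    except Denied:
        results["add_with_last_device"] = False

    # Bootstrap: with only one device registered, that device may add a second.
    idn = Identity({"laptop"}, None)
    idn.add_device("phone", using={"laptop"})
    results["single_device_bootstrap"] = idn.devices == {"laptop", "phone"}
    return results


if __name__ == "__main__":
    for name, allowed in walk_through_post_examples().items():
        print(f"{name}: {'allowed' if allowed else 'denied'}")
```

Note that `_authorize_privileged` intersects the presented devices with the registered set before counting, so presenting the same device twice or presenting an unregistered device cannot satisfy the quorum.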