res['status']=self.status(f'''{OPERATOR_INTRO}I have successfully registered Komrade {name}.
Ifyou're interested, here'swhatIdid.Istoredthepublickeyyougaveme,{cvb64},underthenameof"{name}".However,Ineversavethatnamedirectly,butrecorditonlyinadisguised,"hashed"form:{ck}.Iscrambled"{name}"byrunningitthrougha1-wayhashingfunction,whichwillalwaysyieldthesameresult:providedyouknowwhichfunctionI'm using, and what the secret "salt" is that I add to all the input, a string of text which I keep protected and encrypted on my local hard drive.
Thecontentofyourdatawillthereforenotonlybeencrypted,butitslocationinmydatabaseisobscuredeventome.There's no way for me to reverse-engineer the name of {name} from the record I stored it under, {ck}. Unless you explictly ask me for the public key of {name}, I will have no way of accessing that information.
Yourname({name})andyourpublickey({cvb64})arethefirsttwopiecesofinformationyou've given me about yourself. Your public key is your 'address' in Komrade: in order for anyone to write to you, or for them to receive messages from you, they'llneedtoknowyourpublickey(andviseversa).TheKomradeappshouldstoreyourpublickeyonyourdeviceasaQRcode,under~/.komrade/.contacts/{name}.png.Itwilllooksomethinglikethis:{qrstr}Youcanthensendthisimagetoanyonebyasecurechannel(Signal,IRL,etc),ortellthemthecodedirectly({cvb64}).
Bydefault,ifanyoneasksmewhatyourpublickeyis,Iwon't tell them--though I won'tbeabletoavoidhintingthatauserexistsunderthisnameshouldsomeonetrytoregisterunderthatnameandIdenythem).Instead,ifthepersonwhorequestedyourpublickeyinsists,Iwillsendyouamessage(encryptedend-to-endsoonlyyoucanreadit)thattheuserwhometsomeonewouldliketointroducethemselvestoyou;Iwillthensendyoutheirnameandpublickey.It's now your move: up to you whether to save them back your public key.
Ifyou'd like to change this default behavior, e.g. by instead allowing anyone to request your public key, except for those whom you explcitly block, I have also created a super secret administrative record for you to change various settings on your account. This is protected by a separate encryption key which I have generated for you; and this key which is itself encrypted with the password you entered earlier. Don'tworry:Ineversawthatpasswordyoutyped,sinceitwasgiventomealreadyhashedanddisguised.Withoutthathashedpassphrase,noonewillbeabletounlocktheadministrationkey;andwithouttheadministrationkey,theywon't be able to find the hashed record I stored your user settings under, since I also salted that hash with your own hashed passphrase. Even if someone found the record I stored them under, they wouldn'tbeabletodecrypttheexistingsettings;andiftheycan't do that, I won'tletthemoverwritetherecord.''')