Our main privacy concern is that we use the wallet key to directly derive the chat identity as the wallet public key.
As feature and privacy concern we have that any chat identity can derive the wallet of user.
We had the discussion of having one identity per dapp, this might be done with Identity, which new dapps could have its own key to access funds from an Self Sovereign Identity. This still don’t fixes privacy, as we always need to fund the key from somewhere.
For Dapps which don’t require inchain transactions, but requires an Identity, it would be possible to add the dapp-specific public key hashed in keccak256 listed in the Self Sovereign Identity.
As example, Status Chat could read a message signed from a key, and this message could contain in its payload the user-public-identity, where clients could query in the smart contract to check if key is listed as a key. For Messages that pay the network, this key could be allowed to sign payments.
Currently most of in-chain actions are “pull based”, users pull the transaction to queue and incentivize the mining by posting a gas fee. With Identity contract it’s possible to have a “push based”, where transactions are authorized in a smart contract action key, which could control subscription rules.
Instead of using a regular external owned account as key, the User would set an smart contract as key, which would contain the rules for the subscription, where subscriber could push funds based on those rules.