Detecting if the server didn't transmit add/removeCollaborator to all collaborators [RFC]

Question

Detecting if the server didn't transmit add/removeCollaborator to all collaborators [RFC]

Opened this issue 3 years ago · 0 comments

Background

When changing access to a note the server basically has to possibility to only forward this information to some of the collaborators. Especially when you want someone removed this is critical, because then that person might still receive updates from other users.

Ideally there is a way to identify if the user is honest and send everyone all the updates.

Proposal

WIth every update a hashed version of the member list should be included in the content. This way others can verify their list matches.

In case a client creates updates with a wrong hash after the point (updatedAt timestamps can be compared) where the member list changed the client UI should display a warning/error.

More Info

Initial I though of a log, but this could be problematic in terms of privacy since someone newly added would gain the information that other people participated in the past. Also when sending an update