Transmitting the base id has significant privacy impact, too
Opened this issue · 0 comments
jernst commented
The base id in the messages appears to be the same as the root key from which all daily keys and 15-min ids are being generated.
If so, its transmission to the backend would allow the operator to unmask every contact id of this user (not just since exposure) and also impersonate the user.
I'm suggesting it might be worth noting this in your README, because its privacy impact appears to be at least as large as the impact of the contact history.