Same. We want to minimize risk while maximizing productivity. Encryption can help. Would be great if Discourse was e2e encrypted, but that generally makes things heavier and harder to verify.
Interestingly enough blockchains combine public access and encryption, and public/private key pairs could be used to encrypt DMs, and if passwords were salted then the hashes would be very hard to decipher, but that’s not the reality of the situation today. Would be really cool if V2, V3, or VX of SourceCred had all these features.
Are we certain that there are no ways to backup data without revealing private data?
Would admins be able to download and then clean the data to create regular snapshots for the SourceCred community? (sounds like a lot of work)
Would we be able to download the data, but maybe then encrypt it via a multisig so that only a combination of trusted community members can unlock it if need be? (then you’re still trusting those community members, but then you could have 1 or 2 admins and 5-10 keys for encryption/decryption)
Thanks for bringing this up!
For reference, here’s what bus factor is lol
And losing the archive of trails and docs and things too!
Would be great if eventually we could just put SourceCred on a blockchain to have an immutable record of public data for the project.
I would say:
- do more research to understand exactly what’s possible
- minimize risk, but not worry about it too much as we’re still at trust level 1
- explore moving to a blockchain (Cosmos chains are relatively affordable)