- cross-posted to:
- fediverse@lm.korako.me
- lemmy@lemmy.world
- cross-posted to:
- fediverse@lm.korako.me
- lemmy@lemmy.world
Probably better to post in the github issue rather than replying here.
Probably better to post in the github issue rather than replying here.
Not privacy-protecting. You can easily deduct the voter by enumeration.
A privately-stored salt would fix that :)
Then what is the point of hashing the data? Just use an UUID.
Anyway, this is all pointless bike shedding because the activity needs to be associated with the actor, as it can only be accepted if the signature can be verified.