[SailingSperm]

How about no ph number and only UUIDs- You send a msg that only personA can decrypt - but you broadcast the encrypted message to all contacts /+ random UUIDs ... So signal doesn't know who it was intended for exactly, and only personA gets the information. Of course you'd want the app to only alert users getting the broadcast once a received comm is successfully decrypted, otherwise discard.

It's clearly a lot higher data overhead, but that'd acheive phone numberless accounts without signal knowing 100% A is talking to B.... Only that 'A' might be talking to 'B'..Or C..or D.. Or sending decoy msgs intended for nobody.

Settling for phone numbers on a privacy based messenger because it's too hard to do an alternative implem is a cop out I feel. What do you think of the above proposal?

[UncleMeat]

> You send a msg that only personA can decrypt

How are you going to do this without getting this person's public key? And how are you going to get their public key without asking signal?

[SailingSperm]

Yes, signal would manage that. This is still more privacy preserving than a phone number because the the public key isn't attached to your identity in the way a phone number is. You'd still need to getAllContactsPubKey()->encr(PersonAKey)->SendToAllContacts

So signal knows you requested all your contact pubkeys, that you sent a duplicate broadcast to all contacts, obscuring who it was intended for... that could be 0-n of m persons.