[Aaargh20318]

I'd say it's way more obvious than using a 3rd party email service.

And that's another thing: if you use a 3rd party e-mail service then you have to trust a 3rd party not to abuse that. If they have control of that email address they can take over your account. If it's a temporary address, who's to say when that address gets reused?

If you don't use a 3rd party service then you have to have your own domain for that e-mail address, that domain name can then also be traced back to you.

If you want it to be anonymous, you shouldn't use e-mail at all and only allow passkeys.

[ChrisMarshallNY]

This is all stuff that we'll need to consider. We have to have a valid email address, because the app won't work, otherwise. That's really the only requirement for server-stored information. There's a bit of stuff that stays on the phone. We try to use the Secure Enclave, as much as possible.

The issue is that the demographic we Serve (recovering drug addicts) is a very privacy-sensitive one. Another demographic (that we don't serve) is non-hetero/cisgen folks. Both of these demographics can mean persecution, and even death, in some places, so we are not casual at all about the privacy of our end-users.

At the same time, too much security can render the app useless, so we need to find a balance. The issue with information, is that once it's out; it's not so easy to put back in the bottle, so we tread carefully.