Yes it may be that PJ was asking about how do we make sure that people that are not “me” don’t get to install the application and get access to passwords.
I remember @artbrock (tagging for opportunities of correction here ) having a response to that where he talked about the Progenitor pattern. Which basically encoded the originator of the application as the node that gets to manage a whitelist of users that would like to install the DNA and connect to peers.
For a new device to install the DNA and communicate, a request would first have to be sent to the progenitor of the application (first node) which would be able to put into the whitelist of the application that this new node is “cleared” for communication. Any agent that is not on the whitelist would not be sent any gossip from any of the nodes of the application to ensure integrity.
A side application would be needed to handle the request of putting an agent on the whitelist.
This meta level application invitation/sharing thing is probably a pretty common need in a bunch of applications I guess. It feels to me like this would be a great thing to be integrating into some sort of Rolodex application which also just holds lists of all of your contacts and shows what applications they are using (at least the ones that they actively shared that they are using). I’d be curious to know if this is something that you’ve come across in many previous discussions @pauldaoust?