The userbase is small enough that hashing would be easy cracked by a determined person. Even with salting, iterating through the entire userbase and hashing each username+salt to check for a match would probably not take long
One of the advantages of votes being public is that it keeps instance owners honest and, perhaps more importantly, means they know other instance owners are honest.
If they weren’t public it would be easy to modify your lemmy instance to send 10 votes with fake hashes for every real vote. There would be constant accusations of brigading and faking votes.
I was thinking that it would make sense to federate upvotes, but with the hash of your username instead of your actual handle. Would this work?
The userbase is small enough that hashing would be easy cracked by a determined person. Even with salting, iterating through the entire userbase and hashing each username+salt to check for a match would probably not take long
What if a uuid is generated every time a user signs up, and every upvote iterates through the uuids?
One of the advantages of votes being public is that it keeps instance owners honest and, perhaps more importantly, means they know other instance owners are honest.
If they weren’t public it would be easy to modify your lemmy instance to send 10 votes with fake hashes for every real vote. There would be constant accusations of brigading and faking votes.
I’m honestly surprised it hasn’t already become rampant.
Just make a rainbow table and get the usernames back.