00:27 <isd> This is the one that was occasionally triggering even with the custom node build? Cool, think I hit that a few times.

05:50 <kentonv> isd: Yes, that one.

08:22 <xet7> kentonv: Does this node-capnp fix affect Wekan ?

21:25 <kentonv> I'm considering working on the accounts/identities/credentials refactor. /cc dwrensha

21:26 <kentonv> so that each account only has one profile

21:32 <kentonv> it's going to be a lot of work but it seems there's a lot of issues blocking on it.

21:56 <kentonv> $ git grep dentityId | wc -l

21:56 <kentonv> 849

21:56 <kentonv> oof

22:02 <TimMc> :-X

22:02 <TimMc> What is an account vs. profile?

22:03 <kentonv> See the "Profile" and "Credentials" sections here: https://github.com/sandstorm-io/sandstorm/tree/master/roadmap/platform/accounts#profile

22:03 <kentonv> and all the TODOs around them

22:15 <TimMc> Ah, thanks!

22:24 <TimMc> I was a little worried by "When the user opens any grain that they do not own, the grain is implicitly added to the user's capability store." but it looks like there isn't a way to trick a user to opening a grain, e.g. in a hidden iframe, and force the grain into their list.

22:30 <kentonv> TimMc: Right, this is why Sandstorm asks you if you want to visit the grain "incognito".

22:30 <kentonv> The grain doesn't land in your grain list unless you choose to reveal your identity.

22:30 <TimMc> ++

22:31 <kentonv> (and, more importantly, the grain owner can't harvest your identity by getting you to click on a link.)

22:49 <TimMc> Also interesting to read the reason that passwords aren't implemented.

22:50 <TimMc> I guess since usernames aren't unique, you sort of have to rely on the *password* being the globally unique thing... which of course it won't be for many users. -.-

23:11 <simpson> Yeah, in other capability systems, you typically don't get any agency for choosing names/passwords, for exactly this reason.

23:11 <kentonv> https://oasis.sandstorm.io/shared/8qSjFnq2N-gPoNtsD6tOeGieG-fld5DRSWvVRUW42QP @dwrensha