Collapse Salmon's social graph into root nodes to preserve privacy
We may be able to build a more privacy-preserving version of Salmon which does not store a social graph on the server.
Quoting Cecylia's explanation:
Each social group in Salmon is uniquely identified by the root of the invitation tree (the person who was not invited, but joined the system on their own and then invited others). One way to avoid storing social graph data is to only store the bridges known to a social group along with the root user's identifier on the server. A user's social group root identifier will then be included in the tokens stored on the client side, so when a client requests more bridges, they present their social group's identifier. The server then only assigns them bridges known to that group already if possible. Otherwise, if a new bridge is discovered by a member of the group, that bridge is appended to the list of bridges associated with the root identifier at the server.
Let's use this ticket to build a prototype.