architecture

signup of a new user

  1. user visits a signup URL (under dfri.se and a .onion) and is presented with an "OCR code" (henceforth "signup code") for use in a bank transfer (or alternative payment method)

    • the user is presented with a URL embedding the signup code and an instruction to visit that URL once they've made the payment

    • the signup code is logged to disk together with a timestamp for later generation of statistics about missed opportunities / amount of spam received on the signup page

    • user makes their payment, passing the signup code through the payment system

    • administrator sees payment and uses the admin interface [TODO: specify which function] to create a new user record containing signup code and an approximate date when the account expires

    • user visits the URL from signup and enters a chosen email address together with a chosen passphrase (and possibly more authn options like TOTP)

    • user is presented with backup codes for account restore

    • the signup code is removed from the user record to minimise the link to the payment and the URL

    • prepaid accounts (like "free invite code") can be generated by an admin by creating a new user record with a new signup code and handing the user a URL with this signup code embedded

    • NOTE: an early idea of an optional passphrase entered by the user at signup has not been included here, since it would require storing something at signup. That worsens the spam problem, because the db would have to keep state between signup and either "payment received" or "payment timed out"
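
The signup flow above as a minimal sketch. This is an added example, not code from the project: the in-memory SIGNUP_LOG and USERS stand in for the on-disk log and the user database, and the 12-digit code format, the scrypt parameters, the hashed storage of backup codes and all function names are assumptions.

```python
import hashlib, hmac, json, secrets, time

SIGNUP_LOG = []  # stands in for the on-disk signup log (statistics only)
USERS = {}       # stands in for the user database, keyed by record id

def new_signup_code(now=None):
    """Signup page: hand out a code and log it; nothing is written to the db."""
    code = "".join(secrets.choice("0123456789") for _ in range(12))  # assumed format
    SIGNUP_LOG.append(json.dumps({"code": code, "ts": int(now or time.time())}))
    return code

def admin_create_user(signup_code, expires):
    """Admin has seen the payment: only now does a user record come to exist."""
    rid = secrets.token_hex(8)
    USERS[rid] = {"signup_code": signup_code, "expires": expires}
    return rid

def _kdf(passphrase, salt):
    # Memory-hard passphrase hash; the parameters are an assumption.
    return hashlib.scrypt(passphrase.encode(), salt=salt, n=2**14, r=8, p=1)

def claim_account(signup_code, email, passphrase):
    """User returns via the signup URL; returns backup codes, or None."""
    for rec in USERS.values():
        stored = rec.get("signup_code")
        if stored and hmac.compare_digest(stored.encode(), signup_code.encode()):
            break
    else:
        return None  # unpaid, unknown or already claimed
    salt = secrets.token_bytes(16)
    backup = [secrets.token_hex(8) for _ in range(8)]
    rec.update(
        email=email, salt=salt, pw_hash=_kdf(passphrase, salt),
        # only hashes of the backup codes are kept; the user gets the plaintext once
        backup_hashes=[hashlib.sha256(b.encode()).hexdigest() for b in backup],
    )
    del rec["signup_code"]  # cut the link to the payment and the URL
    return backup
```

A prepaid account follows the same path: the admin calls admin_create_user() with a fresh code and hands the user the URL embedding it.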

removal of a user

TODO

admin interface

TODO

user interface

TODO

implementation