A: Ylide SDK will derivate the private communication key using the wrong password and get a new pair of communication keys. After that, the SDK will make a request to the registry contract and see that the communication public key that the user saved earlier does not match the new communication public key received as a result of the derivation. A password error message will be displayed.
A: Since the Ylide Protocol is completely decentralized for security reasons and the user’s password is not stored anywhere, we cannot help him to recover it. However, the user will be able to create a new password to generate new communication keys and continue correspondence from the same address. In this case, the user will not be able to read the content of old messages. He will be able to read the content of new messages only (sent to him after updating the communication public key in the register).
A: Nothing. The Ylide password is used as the second factor in our authentication system, so without access to the private key from the user’s wallet, an attacker will not be able to read or write messages on behalf of the user. However, with the Ylide password, it will be easier for an attacker to obtain a signature from the user to create a communication private key, so if the password is lost, Ylide recommends immediately changing it to a new one. At the same time, the content of old messages will not be available to the attacked (only to the user).
A: The attacker will be able to read the messages that were written to this user but will not be able to write letters on his behalf (as this will require the wallet’s private key). In this case, the user will have to create a new Ylide password and continue communication without any risks afterward.
A: Truth be told, if a user’s private wallet key is stolen, communication risks are the least of his concerns. However, even in such a dramatic scenario, if the attacker does not have the Ylide password, he will not be able to read old emails. However, he will be able to generate a new password, and, accordingly, a new communication key, register it in the registry, and correspond on behalf of the user.