Non technical people are also welcome to join in the conversation, the gist of it is that we need to know if anyone is against making v1 incompatible with beta (no migration from beta, can’t chat with beta, only wallet can be recovered in a v1 multiaccount using beta account seed phrase), even though maintaining compatibility would delay v1 release as well as degrade the experience in v1.
My proposal is to start from scratch for V1.
The V1 will replace status accounts by multiaccounts, which can hold multiple wallet accounts and chat accounts (though only multiple wallet account will be managed in V1, multiple chat accounts coming later)
Users can import their legacy status account using their seed phrase as a wallet account of a multiaccount, so that they can still use their funds and everything attached to the account, but can’t use it as a chat account.
This means that there is no chat accounts from pre-v1 using v1, so I also suggest to break the protocol.
Here are my arguments:
- if we enable PFS for 1-1 chats, which we should, this will break backward compatibility anyway.
- if we want to enforce the security measure of separating chat and wallet account, because the chat account has to be loaded in memory and the wallet account should never be, we can’t use the legacy account as both a chat account and wallet account. For this reason v1 should only support the import of legacy accounts as wallet accounts in a multiaccount.
- backward compatibility and migration path are going to be very time consuming, as well as testing, and will delay V1 “A LOT”, avoiding it altogether will allow us to send v1 for audit sooner, and spend our time meanwhile to work a real backward compatibility strategy, by reviewing our past year of backward compatibility experience and lesson learned.
- QA and bug fixing should be focused on optimal experience for v1, and not have to bother with backward compatibility
- even if there is a protocol negociation for partionned discovery topic, apps will still have to listen to the single topic forever or break compatibility at some point. Until this is done either now or later in the future, we will have a single topic that can be spammed to spam the whole network, and inevitably consume more bandwith than necessary (in June, Status used more than 7GB for me on mobile data alone). Again, lets just break compatibility now.
- protocol could be simplified, moved entirely to protobuf and json instead of transit which was initialy used for upgradability and protocol versionning when everything was done on clojure side. We have never actually used this capabilities anyway because the decision was made shortly after to be forever backward compatible. Since the chat protocol is moved to statusgo, what is left to implement could be focused on the future rather than the past, and afaik transit is parsed in go using string manipulation, let’s be serious and use real schemas now, it’s already done for more recent messages like private chats.
Arguments for maintaining backward compatibility I’ve heard so far revolve around two points:
- practicing backward compatibility and develop a culture around it: we have been doing this for more than a year now, and I would argue that everyone in the team agrees that backward compatibility is an important goal now. But now it is also about shipping V1, it is not about practice anymore, we need to polish up all the details and remove the strong inefficiencies we had to keep up with because of the decision to practice backward compatibility. We will have months of audit to review our backward compatibility practices
- giving users a choice/freedom: so far users are more interested in a release than backward compatility, we are still in beta and breaking compatility is one of the things that are to be expected with beta software. We are not forcing current users to upgrade though. If someone prefers to use a slow, high bandwith, without PFS, less secure, non reproducible build of Status, we won’t force an upgrade on them. I don’t think this is a serious argument.