Matchy user profiles don't need to be stored centrally

[stefnotch]

• Local on the device, maybe encrypted
• Peer to peer transfer/E2E encrypted transfer

[stefnotch]

Flow:

• User likes user
• Profile (if like) or random string (if dislike) is encrypted and transferred to other user
• Decryption key is sent to server

[stefnotch]

For a minimal implementation, we could treat the server as trusted.

• Profiles are stored locally
• Server only temporarily knows about the profiles (either it exclusively keeps them in memory or it removes them from the database after a short period of time)
• Server transfers the profiles to the matches, and then it forgets them

Much better GDPR compliance

[sueszli]

Now THIS is an enhancement thats worth the extra mile.
Absolutely brilliant idea stefan.

We should totally discuss this post-MVP and ideally it should even be one of the first things we should consider in our new architecture.