One way to make the current QR code system more powerful and more flexible would be to allow the creation of multiple QR codes which are simultaneously valid, and allow the user to asign each outstanding QR code:
- a “trust level” (identity verified or not)
- an optional personal annotation
- an optional expiry time
- an optional maximum number of uses/scans allowed
This would allow users to asign a “trust level” to each QR code. For example, a user could post a “no trust” QR code in a public place (such as on a personal website) and at the same time let contacts they meet in person to scan a “trusted” QR code.
Another use case would be if a user meets multiple people at an event such as a party, business meeting, etc. but doesn’t have an internet connection at the time. The user could generate a separate QR code for each contact, noting the contact’s name in the “annotation” field and setting “maximum number of uses/scans” to one. When the user later connects to the internet, Delta Chat could display the information in the “annotation” field for each new contact. This system promotes greater confidence in identity verification, helps to avoid potentially confusing different contacts, and reduces the risk of impersonation.
Obviously this system would necessitate a “QR code manager” to generate and keep track of outstanding QR codes, it would involve additional complexity, and it would require significant developer effort to implement, so it probably wouldn’t be a top priority, but I think there are many advantages to such a system in regard to identity verification and I would welcome people’s feedback on this idea.