Comind Account Multiplicity Standard

Context

Transparency within Comind is necessary to avoid takeovers. For example, organizational backup makes both takeovers and non-transparency more difficult. One might want multiple Comind accounts to avoid information cross-referencing, which facilitates anonymity and can prevent pressure (see an example in the standard on grouping individuals under a single Comind account). But is it a problem for Comind if people have multiple accounts ?

Reasoning

There are 3 timeframes for knowing the links between account identifiers:

immediate

If the information linking the account identifiers was known immediately, there would be no disadvantage in having multiple accounts, but there would also be no advantage.

never

A person could then have multiple account identifiers to attempt different risky approaches, avoiding penalties on certain accounts while benefiting from rewards on others. Therefore, having multiple accounts without ever linking them is harmful to the group.

deferred

This involves linking accounts when necessary, such as during judgments. In this case, having multiple identifiers allows one to hide the links between their activities, thus avoiding cross-referencing by hostile parties while not harming Comind.

We see that the "never" solution should be avoided if possible, and the "deferred" solution should be implemented.

The implementation consists of allowing the declaration that multiple accounts belong to the same person. Only the "account linking" information is visible; the rest of the information (the identifiers of the linked accounts) is hidden and provided in the form of a signature. The declaration must be made on each of the linked accounts. Additionally, users are encouraged to create at least one linked account from the beginning. This gives us the following properties:

• Since Comind has known from the beginning that linked accounts exist, Comind can request to reveal these accounts before a judgment.
• Since the information is already present in the form of a signature, it is not possible to falsify the data.
• Since the identifiers of the different accounts are known only later, it is possible to make hidden declarations.
• Since the declaration is made on each of the accounts, it is not possible to pretend that an account has no duplicate.
• If the user creates a duplicate account from the start, then in case of problems with individuals, they don't need to create a duplicate at that moment, which can be inconvenient because it is visible.

Note: Eventually, a more sophisticated identification system that prevents account duplication seems beneficial.

Standard

It is possible to create duplicate accounts as long as a "linked account" statement is made on each account so that each account declares the other accounts of the user.