Hey!
I recently found out about Galxe and I’m trying to sort out what’s true and false about Galxe claims that users’ information are kept private.
Especially referring to this page taken from the Galxe documentation: Galxe Passport - Galxe Docs
I find it to be quite confusing. As I understand it, Galxe has access to users public key/identity info pair in clear during the process of cleaning the data into the Galxe Passport format:
However, the same article later states in the FAQ that no one has access to the users info once encrypted:
Q: How will my identity information be stored?
A: Your identity information will be encrypted with your password. Galxe never stores these data in plain text and will not have access to these data.
Q: Who can access my identity information?
A: Because Galxe does not store your password, only you can decrypt these data with your password. No one, including Galxe, has the access to your identity information without your permission.
I think the FAQ taken by itself could be interpreted as Galxe never has access to users’ info but when considering the “data cleaning” step that is taking place before encryption, it appears that Galxe actually has access to users’ identity info/public key. Hence, if this is correct that would mean that the assumption of privacy or being anonymous when using Galxe are dependent on Galxe never beeing coopted, compromised or hacked.
Is this a fair assessment or am I missing something?