## Alternatives

## Identity Anchors

if there is a significant amount of spam in passports or there is increased reputation required

- create weightings for activity on different platforms

### Approved (optional, Helper Only)

- Steam (OpenID) → sticky gamer ID, rarely abandoned
- Institute of Electrical and Electronics Engineers (IEEE) → membership-based, high trust, professional continuity
- ORCID → open, academic, globally persistent

### Not Preferred Options

- GitHub (OAuth 2.0) → trusted by developers, strong but Microsoft-owned
  - semi-mitigation could be using a key on a personal repository instead of OAuth
- LinkedIn (OAuth 2.0) → universal professional presence, sticky but Microsoft-owned
- Zoom (OAuth 2.0 / OIDC) → school/work universal, stable accounts
- Apple ID (OAuth 2.0 / OIDC) → near-universal for iOS/macOS users, requires dev account
  - succumbed to pressure from Chinese Communist Party
    - justify as following local laws which is technically true
  - reliance on their supply chains

### Explicit Exclusions

- Discord → high churn, moderation issues, volatility
- Epic Games → game-specific, corporate-driven, not neutral enough
- Twitch (Amazon) → tied to Amazon ecosystem, heavy corporate identity
- Google → surveillance-oriented, advertising core
- Facebook/Meta → reputation, tracking, loss of trust
- Payments (PayPal, etc.) → not appropriate as anchors; transactional, not identity

## Community Anchors

- possible venue check-ins (QR at events) weighted more than online attestations
- local university desk vouch (calm.college)
- library or maker-space vouch
- event ticket QR (issued via PF tools)
- edu email link (non-persistent, for eligibility only)

## Bad-actors Impersonating Official Content

if impersonation of campaign materials rises

- switch to signed **content manifests**: each official asset ships with a tiny `.pfp.json` (source hash, issuer, campaign, date)
- release a one-click verifier (web + CLI); dashboards only surface assets with valid manifests

## Onboarding and User-experience Problems

if sign-up friction blocks growth

- “guest passport” (ephemeral) upgraded to full on first in-person QR
- kiosk mode at events: steward tablet issues a one-time link that the user later binds to their passkey

if CSS/profile theming is abused

- lock to approved theme tokens by default; full CSS only for trusted age-of-account + manual opt-in

## Recovery Abuse or Loss

if recovery requests become noisy or manipulated

- raise threshold (2-of-5 → 3-of-7) and introduce visible cooldowns
- require previous device co-signature when present
- show “pending recovery” notice in public log; allow alarms to be raised

## Sybil or Spam Flooding

if passport spam rises faster than steward capacity

- limit verification rate per new account (monthly budget)
- require one cross-campaign verifier per badge (prevents cliques)
- temporary invite-only window to drain bot waves

## Infrastructure or Legal Pressure

if the hub is disrupted or served a takedown

- publish epoch hashes to DNS + Git mirror + IPFS pinset
- allow read-only mirror mode until new write endpoint appears
- maintain a warrant-canary page for transparency
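
A sketch of the verifier for the signed content manifests described under "Bad-actors Impersonating Official Content", added here as an example and not part of the project's own tooling. The field names (`source_sha256`, `sig`), the issuer name, and the use of HMAC as a standard-library stand-in for a public-key signature are assumptions; the page only specifies that a `.pfp.json` carries source hash, issuer, campaign and date.

```python
import hashlib
import hmac
import json

# Constructed demo key. HMAC is a stand-in (assumption): a verifier handed to the
# public would check an asymmetric signature so it never holds signing material.
ISSUER_KEYS = {"pf-official": b"demo-key-not-for-production"}
SIGNED_FIELDS = ("source_sha256", "issuer", "campaign", "date")  # assumed names


def _canonical(manifest: dict) -> bytes:
    """Serialize only the signed fields, key-sorted, so the bytes are stable."""
    body = {k: manifest[k] for k in SIGNED_FIELDS}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign_manifest(asset: bytes, issuer: str, campaign: str, date: str) -> dict:
    """Build the manifest an issuer would ship next to an official asset."""
    manifest = {
        "source_sha256": hashlib.sha256(asset).hexdigest(),
        "issuer": issuer, "campaign": campaign, "date": date,
    }
    tag = hmac.new(ISSUER_KEYS[issuer], _canonical(manifest), hashlib.sha256)
    manifest["sig"] = tag.hexdigest()
    return manifest


def verify_asset(asset: bytes, manifest_json: str) -> tuple[bool, str]:
    """Return (ok, reason); fail closed on malformed or unknown input."""
    try:
        m = json.loads(manifest_json)
        fields = [m[k] for k in SIGNED_FIELDS + ("sig",)]
    except (ValueError, KeyError, TypeError):
        return False, "malformed manifest"
    if not all(isinstance(v, str) for v in fields):
        return False, "malformed manifest"
    key = ISSUER_KEYS.get(m["issuer"])
    if key is None:
        return False, "unknown issuer"
    expected = hmac.new(key, _canonical(m), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), m["sig"].encode()):
        return False, "bad signature"
    digest = hashlib.sha256(asset).hexdigest()
    if not hmac.compare_digest(digest.encode(), m["source_sha256"].encode()):
        return False, "asset hash mismatch"
    return True, "ok"
```

The signature is checked before the asset hash so that a manifest re-hashed to match a swapped asset is rejected as unsigned rather than accepted on a matching digest.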