Backup flow

• Go to settings.html
• Click "Sign up with another email address" with email "a", get KeyA
• Click "Sign up with another email address" with email "b", get KeyB
• Click "Show backup code", save it somewhere
• Click "Trash" to delete all keys of "a" and "b"

Restore flow

• Go to settings.html
• Click "Restore from backup code"
• Put "a" in the email field, enter the backup code, and Click Restore
• Keyring panel shows multiple keys, KeyA and KeyB both associated with "a"

I'm aware that backup code is actually the encoded version of eccSeed and eccCount, which forms the basis to generate the private/public key pairs. And the same seed is being used across multiple "Sign-up".

Problems:

• How can one restore the respective key of "a" or "b"? Counterintuitive to explain "backup code" to users? One-to-one mapping of seed to every sign-up would be better.
• In case an attacker stole the backup code. The user reacts by clicking "Sign-up" to generate a new key. But by mutating eccCount, the attacker can get his new keys.

Proposed Solution:

• Let eccSeed be refreshed every time one clicks "Sign-up". Always eccCount = 0. Do not keep them in keyRing/localStorage.
• Show "backup code" only once after "Sign-up", with sufficient warning it's a one-time dialog.
• Hide "Show backup code" in settings.html

Thoughts? :)

c.c. @maditya