# Usernameless flows ## End goal - 2/4 (Most Ideal) - Email 1 - CredID_a 1 - CredStore_a 2 - CredID_b 1 - CredStore_b 3 - Backup 4 - 2/3 (Ideal, two devices) - Email 1 - CredID_a 1 - CredStore_a 2 - CredID_b 1 - CredStore_b 3 - 2/3 (Ideal, one device) - Email 1 - CredID_a 1 - CredStore_a 2 - Backup 3 - 2/2 (Not ideal, initial login) - CredID_a 1 - CredStore_a 2 - 1/1 (Not ideal, initial login) - Google 1 ### Entrypoints - Starting from a single device - CredID_a 1, CredStore_a 2 - Device sync via passwordless email - Assign passwordless for an email - Create temp key - Encrypt temp key under passwordless pubkey - Send email link, tell user to click link on other device - Other device opens email link, gets passwordless key - Other device decrypts temp key - Temp key used to set up comm channel - Send shares from old device to new device - Starting from two devices - Same as starting from a single device, except that one of the devices has their key deleted - Starting from shared OAuth - Create tKey - Starting from tKey - Same as shared OAuth ### Requirements - Needs to have all logins ### Should we use tKey alone or directAuth + tKey (for WebAuthn)? #### Demographics Mainstream - Developer - User Web3 - Developer - User #### DirectAuth + tKey pitch Convienent flow with a focus on privacy. Your points of