Use a public key (pubkey) / secret key (secret) to authenticate yourself with the server. At login, you authenticate yourself to the server. If you protect your company, this is done based on your pubkey. This means that only you with the correct secret can still join that company.
A server stores this pubkey in the savegame, to make company protections survive restarts.
A server allows to query which pubkeys are currently playing on a server. The server shares when joining which other pubkeys are on the server. This allows several things:
- You can whitelist other people to join your company based on pubkey
- You can have a friendslist on which you can see where your friends are playing
Optionally, if you want, a new pubkey / secret can be generated for every server you join. This means friends can no longer see on which server you are playing (as you have a new identity on every server). This also means you cannot be tracked over multiple servers.
- Lightweight implementation.
- All information is local; no central entity is required.
- No need for any signup; this is fully transparent.
- If you lose your secret, you lose your identity (no way to recover).
- You cannot "login" as yourself on another device.