Blockers for beta release

  1. Client verification of device lists and social proofs

    Comm clients track their peer users' device lists and, for Ethereum users, their social proofs (read our whitepaper for more details). However, today Comm clients don't cryptographically verify that updates to these device lists come from the prior primary device.

  2. Use QR code for keyserver login instead of user credentials

    Today, setting up a keyserver requires storing your password in a file. Besides the obvious data hygiene concern, the fact that the primary device isn't involved means that we can't update the device list to include the newly authenticated keyserver.

  3. Avatars and relationships shared via E2EE

    Comm clients are currently hardcoded to trust Ashoat's keyserver as authoritative for users' avatars and their relationships (friendships and blocks). This needs to be moved to a peer-to-peer model for privacy reasons.

  4. Auto-updating harness for keyserver

    We want to make sure that updates to the keyserver code are automatically pulled down, without requiring any active involvement from the keyserver's administrator.
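
To illustrate the check blocker 1 calls for, here is an added example (not Comm's code or wire format) of a client accepting a device list update only when it is signed by the primary device of the previous list. Assumptions: devices are Ed25519 keys, the first entry of a list is the primary device, the signed payload is a JSON object with a timestamp, and the first list is self-signed; every function and field name is hypothetical.

```javascript
// Added example: names and message layout are assumptions, not Comm's format.
const crypto = require('crypto');

// Constructed sample device: an Ed25519 key pair; the id is the base64 public key.
function makeDevice() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const id = publicKey.export({ type: 'spki', format: 'der' }).toString('base64');
  return { id, privateKey };
}

// Bytes that get signed (assumed layout: timestamp plus ordered device ids).
function payload(update) {
  return Buffer.from(JSON.stringify({ timestamp: update.timestamp, devices: update.devices }));
}

function signUpdate(devices, timestamp, signer) {
  const update = { timestamp, devices };
  update.signature = crypto.sign(null, payload(update), signer.privateKey).toString('base64');
  return update;
}

function keyFromId(id) {
  return crypto.createPublicKey({ key: Buffer.from(id, 'base64'), format: 'der', type: 'spki' });
}

// Accept `next` only if it is newer than `prev` and signed by prev's primary
// device (assumed to be devices[0]). The first list (prev === null) is self-signed.
function verifyUpdate(prev, next) {
  if (!Array.isArray(next.devices) || next.devices.length === 0) return false;
  if (prev && next.timestamp <= prev.timestamp) return false; // reject replayed lists
  const signerId = prev ? prev.devices[0] : next.devices[0];
  try {
    return crypto.verify(null, payload(next), keyFromId(signerId),
                         Buffer.from(next.signature || '', 'base64'));
  } catch {
    return false; // malformed key or signature
  }
}

// Walk a peer's whole history; returns the index of the first bad update, or -1.
function firstInvalid(chain) {
  for (let i = 0; i < chain.length; i++) {
    if (!verifyUpdate(i === 0 ? null : chain[i - 1], chain[i])) return i;
  }
  return -1;
}
```

Because each update is checked against the list before it, a primary-device handover is valid only when the outgoing primary signs the list that names its successor.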