Remember: this OrbitDB table is public, readable and writeable by anyone
Hence we need to limit the amount of info stored in table => only store hash of username: you can find public key of user if you know their username, but only looking at the table won't tell you who it belongs to (plus they are pseudonyms anyway)
Username needs to be unique, but there is no way to prevent people from adding records to this database => only consider the first record of any given username as valid. Any subsequent records with that user name will be considered impersonation
Messaging
Over IPFS pubsub
IPFS nodes can subscribe to a topic (a string)
IPFS nodes can publish messages (byte streams) to a given topic
All subscribed nodes receive said message in a callback function
Make the topic unique (a shared secret between participants, a long random string) to a conversation=> 1:1 chat. Both participants publish and listen to that topic. Nobody else should know of the topic's name. Of course, if somebody learns the topic, they can still listen in. This is where public keys come in: we can lookup the public key of our friend and encrypt our messages with it. Also encrypt with our private key, this way the friend can verify the message did in fact come from us
Persistence
Use 'private' orbitDB tables
Write protection: user signs every record. If anyone else adds records to it, the user will know it wasn't added by them and discards the fake record
Read protection: orbitdb records are stored in the public=> need to encrypt messages. Use symmetric encryption here, like AES, with key derived from user's passphrase