More Peergos update

protocols/peergos.md

@@ -8,6 +8,8 @@ There is a global append-only log for the public key to username mappings. This
 
 Login and key management: A peergos user's private keys are derived every time they log in using their username, password and a published salt. Specifically, a signing keypair, boxing keypair, and symmetric key is derived. Users store their friends keys in their encrypted storage space in a TOFU keystore. Users can verify key of friends in person or over the phone using QR codes or fingerprints. 
 
+This enables multiple device support, and no awkward key management UX. The user never needs to see a key or a hash.
+
 ### Data storage
 
 Each user must have at least one peergos server. The servers run an instance of IPFS. Data is content-addressed: stored in mappings from hash to data. During upload the client splits files into 5 MiB chunks which are each independently encrypted (along with encrypted metadata) and stored in a merkle-CHAMP (compressed hash array mapped prefix trie) in ipfs. Directories can't be distinguished from small files, nor are the sizes of files, or the number of files, or directory structure, or who has access to them visible to the server.
@@ -16,7 +18,7 @@ The user lists the IPFS node id of the server (hash of its public key). It synch
 
 ### Social
 
-Users can follow each other. Follow requests are sent through a user’s storage server, which is contacted via its public key. Follows are one-way, and allow sharing files and sending messages.
+Users can follow each other. Follow requests are sent through a user’s storage server, which is contacted via its public key. Follows are one-way, and allow sharing files and sending messages. Critically, the server never sees who is following who (even follow requests are blinded). You store your own social graph encrypted in your peergos space.
 
 ### Privacy and Access Control