I think WhatsApp's proposed solution here is sensible and achieves both objectives of protecting user privacy whilst also preventing users from accidentally shooting themselves in the foot with "password123".
Introduction of friction can add security. For example, bitcoin wallets that are self-custody will often involve elaborate, un-skippable "write these 24 words down, repeat it one by one" processes to ensure users properly back up the seed words.
> I think WhatsApp's proposed solution here is sensible and achieves both objectives of protecting user privacy whilst also preventing users from accidentally shooting themselves in the foot with "password123".
My understanding is they create a random encryption key K and store it in their vault protected by a user-selected password. Knowing the password gets you the encryption key K. I don't see any restriction on a user picking "password123" as their password to the HSM vault, so how does this HSM setup prevent them from "accidentally shooting themselves in the foot with 'password123'"?