This is debatable as of the follow-up, at least according to the statement @tupper made:
Key part being
Knowing their management, it “will” be launched “later” the same way physbones and contact systems “will” launch for worlds. Granted, this lives in the same promise land as his hint at connecting content gating to this system, but still.
I still don’t understand how a hash of any PII is going to prevent an end user from verifying multiple accounts with the same data, given that every single verification is stateless–and why it should even be prevented.
The data sent back from Persona–hashed or not–is contextual to the current user, not globally to all users. There is no reason to check for duplicates using the same PII, other than to prevent verification.
How one can overcomplicate a very simple model update driven by a REST API call is hard to understand and reason. Unless we’re talking about incompetence or malice.
Either way, in the state this feature’s in, it should just be rebuilt by an actual team, not a nodejs intern and a sleepy manager introducing wacky limitations.