
Sure, and Signal is already working on usernames. Here's the kink: When you have low latency (video) calls, you can't route via Tor. When you can't route via Tor, you leak your IP to the server. When you leak your IP you're not anonymous, and when you're not anonymous, the server having the hash of your phone number isn't adding too much data to them.

When the server knows who you are, the app can use your existing contact list to discover contacts. This means unlike e.g. Telegram, Signal server doesn't store your contact list.

I e.g. constantly see people whose phone number I've already deleted appear on my Telegram contact list "X joined Telegram". Telegram knows I had the number at some point. This would never happen with Signal.



> the server having the hash of your phone number isn't adding too much data to them.

Wait how big is the hash of the phone number?

If it's enough bits (e.g., a full sha hash) then it's not that secure to hash at all. 10^10 or even 10^11 is just 10 or 100 billion. I can easily try all phone numbers until I find the one that matches the hash.

It maybe protects against attacks against lots of people, but it really doesn't protect an individual.


It's 10 bytes, so 80 bits.

You are correct that using a hash does not protect an individual from other users discovering that they can contact them with Signal, which is to be expected because that's the purpose of this feature. If you suspect that Bob, with phone number +15555551234 has Signal installed, you can verify that by... typing Bob's phone number into your contacts list and installing Signal so you can send messages to Bob.


For the purposes of entropy, you need only consider 10 valid choices for each symbol of a phone number so it's closer to 33.21 bits (10 * (log(10) / log(2))) and smaller still when discarding impossible area, trunk & subscriber numbers.


And then a bit larger again when including foreign phone numbers.


No, I'm describing the truncated hash. Signal truncates SHA1 to 10 bytes of output.

No matter if your phone number is six digits or sixteen, Signal uses 10 bytes (80 bits) of the hash.


So given that 80 bits is much bigger than 30-40 bits, if I know someone's hash I can very easily narrow down their phone number to one or sometimes two candidates.
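The entropy arithmetic and the truncated-hash point from the comments above, worked through as an added example (not code from the thread or from Signal). It assumes a 10-byte SHA-1 truncation as the comment describes, hashes the phone string as given (the exact encoding Signal uses is not stated here and is an assumption), and uses a constructed phone number in a constructed small prefix range so the enumeration finishes instantly:

```python
import hashlib
import math


def identifier_entropy_bits(digits: int, choices_per_digit: int = 10) -> float:
    """Entropy of a numeric identifier: digits * log2(choices per digit).

    A 10-digit phone number gives about 33.2 bits, far below the 80 bits of
    hash output, so the output length is not what bounds an attacker's work.
    """
    return digits * math.log2(choices_per_digit)


def truncated_sha1(phone: str, length: int = 10) -> bytes:
    """SHA-1 of the phone string, truncated to `length` bytes (10 bytes = 80 bits,
    as the comment states). Assumption: the raw string is what gets hashed."""
    return hashlib.sha1(phone.encode("ascii")).digest()[:length]


def recover_by_enumeration(target: bytes, prefix: str, digits: int, length: int = 10) -> list[str]:
    """Enumerate every number `prefix` + <digits> decimal digits and return the
    candidates whose truncated hash equals `target`.

    This is the defender-side check: if this loop finds the input, the hash
    is acting as a lookup key, not as an anonymizer. The search cost is
    10**digits regardless of how many bytes of hash output are kept.
    """
    matches = []
    for n in range(10 ** digits):
        candidate = f"{prefix}{n:0{digits}d}"
        if truncated_sha1(candidate, length) == target:
            matches.append(candidate)
    return matches


if __name__ == "__main__":
    # Constructed example number in a constructed prefix range (10,000 candidates).
    known_number = "+15555551234"
    h = truncated_sha1(known_number)
    print(f"entropy of a 10-digit number: {identifier_entropy_bits(10):.2f} bits")
    print(f"truncated hash is {len(h) * 8} bits regardless of input length")
    print("recovered:", recover_by_enumeration(h, "+1555555", 4))
```

The two numbers side by side make the thread's point: the work to invert the hash is set by the roughly 33 bits of the input space (less, once impossible area and subscriber ranges are discarded), not by the 80 bits of output that are kept.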


The point isn't hashes anonymize you, the point is you're already leaking IP in most cases, so phone number doesn't really reveal anything additional.


I'd much rather leak an ip than a phone number.


Under what threat model?


Pretty much anything I can think of. If someone gets my phone number they can bug me or identify me much more concretely/completely.

What threat model has an IP be worse to leak than a phone number?


> Here's the kink: When you have low latency (video) calls, you can't route via Tor.

Sure, but you can use VPNs. Or Orchid, which is a multi-hop VPN that routes through multiple VPN providers.

Or you can just use VoIP, which can be done via Tor, as long as you can force TCP mode.


That system a) has a pay trail, b) involves companies that can be coerced / hacked with relative ease, c) is a paid system and d) is quite a bit for the average user to handle.

Also, if you're going to stay anonymous, you need something that is extremely hard to misconfigure. I use wireguard on my Android and I've set the VPN to activate automatically, and I only allow connection via VPN, but I'd never imagine any of the apps I'm running are properly anonymized.

Also, since you're apparently working for or affiliated with VPN providers[1], you might want to be more transparent about possible vested interests.

[1] https://www.ivpn.net/privacy-guides/what-is-a-vpn


I've never hidden the fact that I've worked for IVPN and Restore Privacy. But they pay me by the word, so I gain nothing by promoting them.

I haven't actually used Orchid, because there's no Linux app. But I did buy some of their Ethereum currency. And I recall no money trail. As I recall, I converted well-mixed ~anonymous Bitcoin to plain-vanilla Ethereum, and then to Orchid's currency.

But whatever, I'm not going to defend Orchid.

Anyway, I use nested VPN chains. It's like a multihop VPN, except that each hop is a different VPN service, and each of them is leased with a different pool of well-mixed Bitcoin. I do all the Bitcoin mixing via Tor, in Whonix instances. That way, I don't need to trust any of them, only that an adversary won't manage to compromise or coerce all of them. It's the same logic as Tor uses, based on Chaum.

If you want to read more, just search "mirimir" on IVPN's and Restore Privacy's sites. There's also https://github.com/mirimir/vpnchains which is pretty over the top. And I've also played with something like that which routes VPNs via Tor.


I'm not an expert on cryptocurrency so I can't say how well you managed to anonymize the pay trail, but the problem of logs and the lifetime of the chain concerns me.

When you start to chain VPN nodes you gain latency, so you might as well use Tor. These days Tor has enough bandwidth to play 720p video with ease and there's less hassle. Also, once you hit three nodes you won't really benefit from a longer chain, so mixing VPN with Tor isn't really beneficial unless you're evading censorship of Tor.


OK, fair enough. I'm no expert on Orchid. I rather lost interest, after it became clear that it was useless to me.

You're wrong about nested VPN chains, however. Depending on geographical distribution, each VPN adds 50-100 msec rtt. And bandwidth doesn't drop that much after the first VPN.

I use both nested VPN chains and Tor to mitigate the risk of Tor circuits being compromised. The lesson of CMU's "relay early" exploit for the FBI was sobering. Given that lesson, only fools use Tor without protection.


Bad guys might rather hack different servers in different countries and use something like a chain of SSH tunneling after making sure they patched the security vulnerability they used to get in.

Add in some routing through Tor.

That would be harder to beat by a single law agency.

Particularly harder if the countries implied are not friendly towards each other.


> I e.g. constantly see people whose phone number I've already deleted appear on my Telegram contact list "X joined Telegram". Telegram knows I had the number at some point. This would never happen with Signal.

This literally happens with Signal. And it makes sense too, the message that Signal gets telling it someone is now on Signal is presumably the same one letting it know it can use encryption rather than SMS to talk to that person.



