We have thought about that. Probably the main reason we haven’t done this is because of this reason, on which I’ll quote myself on from an internal slack message:
Currently if someone makes an anon account, they use an anonymous email address. There’s usually no way for us, or, by extension, someone who had full access to our database, to deanonymize them. However, if we were to add this feature, it would tie the anonymous comments to a primary account. Anyone who found a vulnerability in that part of the code, or got an RCE on us, would be able post a dump that would fully deanonymize all of those accounts.
We have thought about that. Probably the main reason we haven’t done this is because of this reason, on which I’ll quote myself on from an internal slack message:
Touche