Add unencrypted builderId property to encrypted requests to allow counting encrypted requests created by each builder #1258
Description
Problem
Today, it's impossible to know which builder (platform, project, etc.) creates an encrypted Request. For cleartext requests, we ask our builders to include a builderId in their contentData. But in encrypted requests, content data is part of the encrypted payload and thus cannot be read without sharing the request via addStakeholder.
Solution
Add an optional, cleartext builderId property outside the encrypted payload of a request.
Considerations
How to prevent griefers from creating fake encrypted requests and attributing them to the wrong builder id?
Maybe require a platform signature?
Ask platforms to give end-users the option to omit the builderId for their requests, for privacy - so it doesn't reveal which invoicing software they use.