Starting a conversation on whether it makes sense to have a SEP for the standard algorithm for generating identicons for Stellar accounts.
Here's the draft SEP:
Identicons compliant with this proposal have already been integrated in a few projects in the ecosystem, including Lobstr, Stellarterm and StellarExpert.
Links to JS and Python implementations are included.
Worth noting that our initial implementation used an md5 hash of the full address to generate the identicons.
After a conversation with @Orbitlens, we've switched to using only the first 16 bytes of the key, since the public key is a pseudo-random sequence.
This improves the speed of the icon generation, but has the side effect that addresses with the same starting bytes would have the same identicon.
Example:
So, technically, for any given Stellar address, it is rather easy to find a different Stellar address with the same identicon.
On a separate note, given that most clients tend to display such an address as something similar to GA2T...7RWV, it might be worth changing the logic to use *the middle bytes* of the public key. Also, people would often check the first and last digits in the address anyway, but rarely check all the characters in the middle. Using middle bytes also makes more sense in that regard.
Anyways, please let me know if you have any feedback.
Thanks,
Gleb.
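
The trade-off discussed in the message above, as an added example that is not part of the original post or the draft SEP: it compares which constructed addresses end up with the same identicon seed when the seed is the first 16 bytes, the middle 16 bytes, or a hash of the whole key. The seed names, the `[8:24]` window, the SHA-256 stand-in for the md5 variant and the sample keys are assumptions; the rendering step is not modelled.

```python
import base64, hashlib, struct
from itertools import combinations

def crc16_xmodem(data: bytes) -> int:
    crc = 0
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            crc = ((crc << 1) ^ 0x1021 if crc & 0x8000 else crc << 1) & 0xFFFF
    return crc

def encode_account(raw_key: bytes) -> str:
    """StrKey 'G...' address: version byte 6<<3, 32-byte key, CRC16 (little-endian), base32."""
    payload = bytes([6 << 3]) + raw_key
    return base64.b32encode(payload + struct.pack("<H", crc16_xmodem(payload))).decode()

def decode_account(address: str) -> bytes:
    blob = base64.b32decode(address)
    payload, checksum = blob[:-2], blob[-2:]
    if len(blob) != 35 or payload[0] != 6 << 3:
        raise ValueError("not an account address")
    if struct.pack("<H", crc16_xmodem(payload)) != checksum:
        raise ValueError("bad checksum")
    return payload[1:]

# Hypothetical seed choices (assumptions for this example, not the SEP's definitions).
SEEDS = {
    "first16": lambda key: key[:16],
    "middle16": lambda key: key[8:24],
    "full_hash": lambda key: hashlib.sha256(key).digest()[:16],  # stand-in for the md5 variant
}

def collisions(seed_name: str, addresses: dict) -> list:
    """Pairs of labels whose addresses would get the same identicon seed."""
    seed = SEEDS[seed_name]
    return [(a, b) for a, b in combinations(sorted(addresses), 2)
            if seed(decode_account(addresses[a])) == seed(decode_account(addresses[b]))]

def abbreviate(address: str) -> str:
    return address[:4] + "..." + address[-4:]

# Constructed 32-byte values, not real accounts.
KEY_A = bytes(range(32))
KEY_B = KEY_A[:16] + bytes(range(100, 116))                        # same first 16 bytes as A
KEY_C = bytes(range(50, 58)) + KEY_A[8:24] + bytes(range(60, 68))  # same middle 16 bytes as A
ADDRESSES = {"A": encode_account(KEY_A), "B": encode_account(KEY_B), "C": encode_account(KEY_C)}

if __name__ == "__main__":
    for name in SEEDS:
        print(name, collisions(name, ADDRESSES))
    print({label: abbreviate(addr) for label, addr in ADDRESSES.items()})
```

Whichever 16-byte window is used, a matching identicon confirms only those bytes, so a client that shows identicons still needs the full address compared before a payment is sent.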