feat(readme): add FAQ section

[therealharpaljadeja]

@0xarthurxyz please suggest anymore questions you would like me to add here

[eelanagaraj]

Can we split this up into the specific terms used in the SDK: plaintextIdentifier, obfuscatedIdentifier and making the differences clear? (Maybe even some text examples of what each of these looks like)

This glossary may be helpful for reusing some definitions here + elsewhere!

[therealharpaljadeja]

Will create a Mermaid diagram instead to explain the terminologies.

[eelanagaraj]

this isn't strictly true--the issuer only pays for gas if they publish the attestations on-chain on behalf of the user. Issuers can return the signed attestation to the user, who can then choose to publish this to FederatedAttestations.sol or not.

[eelanagaraj]

This is recommended but not strictly required; recommended since it promotes interoperable identifiers. This isn't necessary when issuers do not care about identifiers that use ODIS peppers; in these cases issuers can also use proprietary prefixes/salts, which means giving up interoperability but provides additional security

[therealharpaljadeja]

Does it mean that users can do the ODIS part themselves and then simply provide the obfuscatedIdentifier to be registered under the respective issuer?

Same for lookup.

Technically that would mean the authSigner will be the user requesting registration and the dApp would basically look up its balance and request to buy quota in-app, right?

[therealharpaljadeja]

In the case of proprietary prefixes, wouldn't it be mandatory for issuers to have ODIS quota?

I am assuming the issuer wouldn't want its users to know the prefix and thus will have to perform the process of getting the obfuscatedIdentifier itself.

[eelanagaraj]

nit: capitalize ASv1