Investigate: Do we still need to use placeholder temp user for edit permission checks?
Closed, Resolved (Public)

Description

When making edits as a logged out user who has not yet created a temp account, the placeholder temp user is used for permission checks by EditPage, APIEdit and ApiVisualEditor.

This was originally done so that we could set wgGroupPermissions['*']['edit'] to false. This was to ensure that an IP actor could not accidentally be allowed to do something.

However, it was decided that we would instead require wgGroupPermissions['*']['actionThatCreatesATempUser'] to be true and ensure that an IP actor could not accidentally be allowed to do something by throwing an error if MediaWiki tries to create an IP actor.

This task is for:

  • Investigating any advantages/disadvantages with still using the placeholder temp user in these permissions checks
  • Deciding whether we should remove them

Event Timeline

In theory I think you'd still need the temp user as long as temp users might have different permissions from anonymous users (by default they don't but the system does offer the possibility of temp-user-specific permissions).

Change 1007648 had a related patch set uploaded (by Tchanders; author: Tchanders):

[mediawiki/core@master] DNM Experimental: Remove unsaved temp user from EditPage

https://gerrit.wikimedia.org/r/1007648

I wonder (though I'm on the fence still) if we could just make the decision that $wgGroupPermissions['*']['edit'] must be true in order for temp accounts to be created via edit. You could still give temp accounts other additional rights, but an anon user must make a successful edit (or whatever other action you've configured to create a temp user) first.

We're expecting other workflows to do this rather than handle unsaved/placeholder temp users (see our guidance about this).

The unsaved temp user is proving a bit odd, e.g. AbuseFilter logs the name, but it never gets mapped to a real user (T334623#9587082).

I think we still need to do this investigation and document the conclusions.

I think we should keep the temp account placeholder. Here's my reasoning:

Pros:

  • As mentioned in T355210#9550798, without the placeholder temp account, any autocreate action would need to be allowed for group *. Although this is safe to do since T345578: Ensure that an IP address cannot be saved permanently if IP Masking is enabled, it might not be obvious to the wiki owner that it is safe.
  • For non-autocreate actions, it might be desirable to allow * and temp groups to have different access, e.g. someone might be trusted to do something only after they have performed an autocreate action. Since non-autocreate actions can differentiate between the two groups, it is more user-friendly for autocreate actions to follow the same logic.

Cons:

  • The placeholder temporary account does cause some confusion, e.g. T357063: Block message not shown when a temporary account is blocked on mobile. In particular, permissions are checked for a placeholder temporary account, but blocks should still be checked against the session (anonymous, IP) user.
  • It also makes it difficult to configure new autocreate actions in AutoCreateTempUser['actions'], since these will either need to be configured to be allowed by group *, or will need a software update to check a placeholder temporary account.

Summary: I'm weakly in favour of leaving the placeholder temp account since:

  • With the one autocreate action that is already handled properly in the software (edit), it allows configuring * not to be able to edit, which might be reassuring for wiki owners.
  • The main disadvantage with keeping the placeholder temp account is that it's difficult to add another autocreate action; however, I'm not sure how likely it is that other autocreate actions will be introduced. We could revisit this decision if that ever does happen.
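
The trade-off weighed in the comment above, as an added example that is not part of the original thread and is not MediaWiki code: a simplified PHP model in which rights are evaluated for a placeholder in the 'temp' group while the block is evaluated for the session IP. The function names, the sample addresses, the block list and the 'upload' action are constructed for illustration.

```php
<?php
// Simplified model of the check discussed in this task; not MediaWiki code.
// Groups '*' and 'temp' and the 'edit' right are from the thread; the rest is constructed.
$groupPermissions = [
    '*'    => [ 'read' => true, 'edit' => false ],
    'temp' => [ 'edit' => true ],
];
// Actions for which the software substitutes a placeholder temp user.
$placeholderAwareActions = [ 'edit' ];
// Constructed block list, keyed on the session (IP) user.
$blockedSessionUsers = [ '192.0.2.10' ];

/** True if any of the given groups grants the right. */
function groupsAllow( array $perms, array $groups, string $right ): bool {
    foreach ( $groups as $group ) {
        if ( !empty( $perms[$group][$right] ) ) {
            return true;
        }
    }
    return false;
}

/**
 * Decide whether a logged-out session may perform $action. Rights are
 * evaluated for the placeholder (groups '*' and 'temp') only when the action
 * is placeholder-aware; the block is always evaluated for the session IP.
 */
function anonMayPerform( string $ip, string $action, array $perms,
    array $aware, array $blocked, bool $usePlaceholder ): string {
    if ( in_array( $ip, $blocked, true ) ) {
        return 'denied: session user is blocked';
    }
    $groups = ( $usePlaceholder && in_array( $action, $aware, true ) )
        ? [ '*', 'temp' ] : [ '*' ];
    return groupsAllow( $perms, $groups, $action )
        ? 'allowed' : 'denied: missing right';
}

$cases = [
    [ '192.0.2.1', 'edit', true ],    // placeholder substituted for the rights check
    [ '192.0.2.1', 'edit', false ],   // same request with the placeholder removed
    [ '192.0.2.10', 'edit', true ],   // session IP is on the block list
    [ '192.0.2.1', 'upload', true ],  // hypothetical action with no placeholder support
];
foreach ( $cases as [ $ip, $action, $usePlaceholder ] ) {
    $result = anonMayPerform( $ip, $action, $groupPermissions,
        $placeholderAwareActions, $blockedSessionUsers, $usePlaceholder );
    printf( "%-11s %-7s placeholder=%d -> %s\n", $ip, $action, $usePlaceholder, $result );
}
```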

I agree with the summary, and that we can leave things as they are.

Tchanders claimed this task.

Summarised in a decision record. This task can be closed now.