BlockchainCommons / SmartCustody

Overview of SmartCustody Topics, for Responsible Key Management

Suggested Additional Design Principles #12

Closed JWWeatherman closed 2 years ago

JWWeatherman commented 2 years ago

After reviewing the multisig scenario I wanted to suggest these high-level changes as general design principles:

  1. User input should be front-loaded. Completing a self-custody setup guide is stressful, and stress results in user error and increases the chances of a loss of funds. Optional steps inside the guide can be replaced with asking for user input at the beginning and using that to select a specific "solution" that includes all relevant optional steps. This greatly reduces stress because there is no decision making, only careful execution of instructions, once the guide is started.

  2. User input should match their level of knowledge. Instead of explaining to users that hiring a lawyer to act as the primary storage location has various pros and cons and then leaving the user to decide, it would be better to ask the user questions that match their existing level of knowledge. "Do you have a lawyer that you trust to take full possession of your bitcoin and distribute it to your heirs if you die?" is something the user knows without any additional education.

  3. Guides should be holistic. If tamper-evident bags should be used, they should be included in the guide. Anything not included is assumed prohibited. This prevents users from introducing additional vulnerabilities. For example, if a guide does not specify the storage medium and a user selects steel plates, this could result in a greater risk that a nosey paralegal opens the storage envelope than if paper is used. If that data is also stored in so many other locations that the risk of loss from fire at this location is already mitigated, the user has introduced a needless security flaw. In this case the guide should specify paper as the medium and make it clear that following the guide exactly is expected.

shannona commented 2 years ago

Thanks for the feedback. We've adopted some Q&A within the scenario to better address why people should use options, as you deftly suggest.

ChristopherA commented 2 years ago

Longer term we are puzzling out how to offer a more basic standalone scenario with less detail on individual steps & no options, with a link leading to this one with full details & options. But we need to finish this doc first.