Docs To Do List #81

Open
Rspigler opened this issue Sep 10, 2020 · 2 comments

Rspigler commented Sep 10, 2020

Major expansion of docs:

  1. A single signing, hot wallet, full node. (Yeti Hot).
  2. A multisig, online, full node. (Yeti Warm)
  3. A multisig, offline, full node (YetiCold)
  4. A multisig, multi-device, offline, full node (YetiFrozen/+)

Difference between Level 3 and Level 4 is that Level 4 is multi-device; more secure privkey generation and more usable, but more $$

Difference between Level 2 and Level 3 is that Level 2 privkey generation/signing is less secure, but cheaper. Yeti Cold requires two computers, YetiWarm requires 1. With YetiWarm, you do wipe the device between uses, so it technically shouldn't have malware when generating your keys and recovering your wallet to spend. However, malware can exist on different levels of your device (chip, firmware, BIOS, bootloader...) and wiping will not help in this scenario. As YetiCold keeps the key generation and signing on an offline computer, you are more secure from these attacks.

Level 1 wallets give up the security of multisig for the usability of a persistent wallet.

Reason for wiping devices is to remove a single point of attack (creating all private keys on one device before distributing). YetiFrozen therefore does not require this.

@JWWeatherman has discussed more Levels of accounts, but for now these are the basics.

  • List of critical bugs, attacks, vulnerabilities, etc. of HWWs
    Possible resource of quotes from Core devs: bitcoin-takeover.com/why-trezor-is-still-king/
    Use Discussions from the podcast @willweatherman @JWWeatherman and I were on
    Edit: Done

  • Expand the existing docs written by @willweatherman (FAQ, directions, etc)

  • Make video of YetiCold

  • State explicitly in instructions and documentation that computers should only be used for Bitcoin/Yeti (rather than this being a result of following the instructions)

  • Many Bitcoin users believe that a quorum of seeds (in our case, the NATO WIF) is enough to recover a wallet. However, a quorum of seeds and /all/ xpubs (in our case, a single descriptor containing all xpubs) is necessary. This should probably be written in the docs so the users know that the descriptor is important to keep. Possibly write the privacy implications of having them found?

  • How to verify QR codes:
    Before scanning it with the offline computer, you could scan it with a phone/another computer to verify it is correct before passing to the offline computer.

  • How to verify receiving addresses?

  • Have some sort of legal disclaimer?
    Something like btcguide.github.io/disclaimer ?
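
The to-do item above about a quorum of seeds versus all xpubs, as an added example that is not part of the original issue or of Yeti's code: a multisig output commits to every public key in the script, so a quorum of keys alone cannot even locate the wallet's outputs. It assumes a 2-of-3 P2WSH script with BIP67 key ordering and uses constructed stand-in public keys; a real wallet derives each address's keys from the xpubs in the descriptor.

```python
import hashlib
from itertools import combinations

OP_CHECKMULTISIG = 0xAE


def op_n(n):
    """Opcode for the small integer n (OP_1..OP_16 are 0x51..0x60)."""
    if not 1 <= n <= 16:
        raise ValueError("n must be in 1..16")
    return 0x50 + n


def witness_script(m, pubkeys):
    """m-of-n multisig script, keys sorted lexicographically (BIP67 order)."""
    if not 1 <= m <= len(pubkeys):
        raise ValueError("need 1 <= m <= n")
    if any(len(pk) != 33 for pk in pubkeys):
        raise ValueError("expected 33-byte compressed public keys")
    pushes = b"".join(bytes([33]) + pk for pk in sorted(pubkeys))
    return bytes([op_n(m)]) + pushes + bytes([op_n(len(pubkeys)), OP_CHECKMULTISIG])


def p2wsh_script_pubkey(script):
    """P2WSH output script: OP_0, then a 32-byte push of SHA256(witness script)."""
    return b"\x00\x20" + hashlib.sha256(script).digest()


def can_find_output(m, held_pubkeys, target_spk):
    """Try every m-of-k script buildable from the held keys alone."""
    for k in range(m, len(held_pubkeys) + 1):
        for subset in combinations(held_pubkeys, k):
            if p2wsh_script_pubkey(witness_script(m, list(subset))) == target_spk:
                return True
    return False


def sample_pubkey(label):
    """Constructed 33-byte stand-in for a compressed key (not a real curve point)."""
    return b"\x02" + hashlib.sha256(label.encode()).digest()


# Constructed 2-of-3 wallet; the threshold and key count are assumptions.
ALL_KEYS = [sample_pubkey(f"constructed-key-{i}") for i in range(3)]
WALLET_SPK = p2wsh_script_pubkey(witness_script(2, ALL_KEYS))

if __name__ == "__main__":
    print("quorum only :", can_find_output(2, ALL_KEYS[:2], WALLET_SPK))
    print("all pubkeys :", can_find_output(2, ALL_KEYS, WALLET_SPK))
```

The two seeds in a quorum yield only their own two public keys; the third comes from the descriptor, which is why it has to be backed up alongside the seeds.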

Rspigler commented Jan 5, 2021

List of critical bugs, attacks, vulnerabilities, etc. of HWWs

Done. https://robertspigler.wixsite.com/blog/in-defense-of-my-attack-on-hardware


Rspigler commented Jan 9, 2021

Rspigler mentioned this issue Feb 2, 2021