- Design principles:
- Path of Least Resistance: The most natural way to do any task should also be the most secure way.
- Appropriate Boundaries: The interface should expose, and the system should enforce, distinctions between objects and between actions along boundaries that matter to the user.
- Explicit Authorization: A user’s authorities must only be provided to other actors as a result of an explicit user action that is understood to imply granting.
- Visibility: The interface should allow the user to easily review any active actors and authority relationships that would affect security-relevant decisions.
- Revocability: The interface should allow the user to easily revoke authorities that the user has granted, wherever revocation is possible.
- Expected Ability: The interface must not give the user the impression that it is possible to do something that cannot actually be done.
- Trusted Path: The interface must provide an unspoofable and faithful communication channel between the user and any entity trusted to manipulate authorities on the user’s behalf.
- Identifiability: The interface should enforce that distinct objects and distinct actions have unspoofably identifiable and distinguishable representations.
- Expressiveness: The interface should provide enough expressive power (a) to describe a safe security policy without undue difficulty; and (b) to allow users to express security policies in terms that fit their goals.
- Clarity: The effect of any security-relevant action must be clearly apparent to the user before the action is taken.
- Theses:
- Sound money: “Trustless money” that cannot be inflated by any trusted authority such as a central bank.
- Web3: “Trustless internet” where Internet architecture is free of trusted centralized data & service monopolies. Users have more control over their data and Internet usage. These networks also compensate participants for economic value generated in the network.
- Open finance: “Trustless financial systems” that extend cryptocurrency to provide open software primitives for equities, debt, derivatives, checking accounts, remittances, work contracts, retirement accounts, property etc.
- Features are not inherently valuable; they're only useful in the context of a user need
- Each of the theses have their own, diverging users
- What does success for a product / feature mean?
- What is its next best alternative? And how much worse is this alternative?
- If critical mass is necessary, is there any value before reaching that point?
- Ethos-requiring products will only get so far without a compelling case for ethos-neutral people (i.e. most people)