Crypto Priors.
-
Simple RSA of the form N=P*Q with a modulus of at least 8178 bytes is sufficiently strong for at least a number of years, even against quantum computing. But not forever.
-
SHA256 is the only hash function we will rely on.
-
For now we do not assume the security of the Diffie Gap Theorem. As for users' keys that rely on Ed25519 or Secp256k1, we will work on having users register additional keys as backups for when it is determined that the above are compromised. Trezor is more trustworthy.
-
We do not trust Ledger or the iPhone, and certainly not any Android device. We certainly do not trust that there will be no collusion between the iPhone and its secure SE flash chips.
-
We do not trust any hardware randomness. This includes even Ledger-generated keys.
-
The only entropy we trust is entropy generated by the user: 42 rolls of a 20-sided die, or a complete shuffle of a deck of cards (e.g. 20 normal shuffles for most users, who are not familiar with card shuffling). The resulting entropy is a human-readable byte-string of the form "4 2 20 15 8..." or "As 4d Jh Kc Td 9h", etc.
-
The "mnemonic" specifically refers to the BIP mnemonic of 24 words, always 24 words, and it must never be entered into any device that ever touches the internet. Therefore it is entered only into hardware wallets or qualified offline computers.
-
Zero Knowledge systems are not possible. We do not trust ZK systems.
-
Unless key generation is completely deterministic, we cannot trust that the binary is what we expect. And since we cannot "trust trust", we cannot trust that the hardware and OS software running the binary are secure either. Therefore the only way to know that the binary is running as intended is to first prepare the binary and the offline computer, and only afterwards check that it computes the same generated key for many input entropies, and determine that it is indeed computing the same output key pair for all users; from this we derive with high probability that the computed key is secure.
-
The Offline Computer must not have any WIFI, Bluetooth, or other wireless communications hardware. If the computer does have any WIFI devices, they must be desoldered. It is not sufficient to "disable the WIFI driver".
-
The keyboard must be an old keyboard with no advanced CPU microchip that could log your keystrokes.
-
The monitor should ideally be old too, as the monitor itself is likely compromised.
-
Since the monitor may be compromised, or may leak signals, it is also imperative that any cryptographically sensitive data NOT be displayed, but only shown as '******', AND we must avoid passing these values as CLI flags, which are also logged in ~/.history, ~/.bash_history, ~/.zsh_history, ~/.zsh_sessions, etc.
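The dice-roll and shuffled-deck entropy strings described above, the deterministic-derivation cross-check, and the rule against passing secrets as CLI flags or showing them on screen, worked through as an added example that is not the project's own code: it validates the human-readable entropy, hashes it with SHA256 only, reads it from stdin, and prints only a masked seed. The card notation, the domain-separation prefixes and the sample rolls are my assumptions.

```python
"""Seed derivation from user-generated entropy (dice rolls or a shuffled deck).
Added example, not project code: SHA256 only, entropy via stdin, output masked."""
import hashlib
import math
import re
import sys

DICE_SIDES = 20
MIN_DICE_ROLLS = 42                      # policy above: 42 rolls of a d20
# Assumed notation: rank A,2-9,T,J,Q,K then suit s/h/d/c, e.g. "As", "Td".
CARD_RE = re.compile(r"^(A|[2-9]|T|J|Q|K)[shdc]$")
# Constructed sample input (42 rolls of a d20), not real key material.
SAMPLE_ROLLS = ("4 2 20 15 8 11 19 3 7 14 6 1 20 9 12 17 5 13 2 18 10 16 "
                "8 4 19 7 11 3 15 20 6 12 1 9 14 17 2 18 5 13 10 16")

def dice_rolls_to_seed(rolls_text: str) -> bytes:
    """Validate '4 2 20 15 8 ...' and hash the rolls to a 256-bit seed."""
    rolls = [int(tok) for tok in rolls_text.split()]
    if len(rolls) < MIN_DICE_ROLLS:
        raise ValueError(f"need at least {MIN_DICE_ROLLS} rolls, got {len(rolls)}")
    if any(not 1 <= r <= DICE_SIDES for r in rolls):
        raise ValueError(f"every roll must be between 1 and {DICE_SIDES}")
    # Fixed-width, delimited encoding so "1 2" and "12" can never collide.
    canon = ",".join(f"{r:02d}" for r in rolls).encode()
    return hashlib.sha256(b"dice-d20-v1:" + canon).digest()

def shuffled_deck_to_seed(cards_text: str) -> bytes:
    """Validate a full 52-card order like 'As 4d Jh ...' and hash it to a seed."""
    cards = cards_text.split()
    if len(cards) != 52 or len(set(cards)) != 52:
        raise ValueError("a complete shuffle lists all 52 cards exactly once")
    if any(not CARD_RE.match(c) for c in cards):
        raise ValueError("card must be rank A23456789TJQK plus suit s/h/d/c")
    return hashlib.sha256(b"deck-52-v1:" + " ".join(cards).encode()).digest()

def entropy_bits_dice(n_rolls: int) -> float:
    return n_rolls * math.log2(DICE_SIDES)        # 42 rolls ~= 181.5 bits

def entropy_bits_deck() -> float:
    return math.log2(math.factorial(52))          # ~225.6 bits for 52! orders

def matches_reference(rolls_texts: list, reference_hex: list) -> bool:
    """Cross-build check: every prepared offline machine must derive the same seeds."""
    return [dice_rolls_to_seed(t).hex() for t in rolls_texts] == reference_hex

def masked(seed: bytes) -> str:
    return "*" * (2 * len(seed))                  # never echo the seed itself

if __name__ == "__main__":
    print("seed:", masked(dice_rolls_to_seed(sys.stdin.read())))  # stdin, not argv
```

Run it as `python3 derive.py < rolls.txt` so the rolls never appear in a shell history file; compare `matches_reference` results across independently prepared offline machines.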
-
The offline computer itself must be enclosed in a Faraday cage.
-
We do not leave any sensitive data in background processes, as gpg-agent does.
-
We do not trust anyone who prefers to refer to GPG over OpenPGP.
-
We categorically reject the Copenhagen interpretation, and specifically reject "no conspiracy". Rather, we assume God, and that God may also send "great delusions".
-
The end user must roll the dice or shuffle the cards themselves, away from any internet connection or devices, and especially away from cameras and 5G gateways or devices.
-
We assume that our minds may also be read remotely, so we must NOT mentally, verbally, visually, or semantically see or iterate over any entropy data. This means that even when writing down the dice rolls, we must take care not to see the whole series of rolls written down at once.
Crypto Pre-launch TODOs.
Crypto Post-launch TODOs.