I’ve recommended BitKey to a few friends and family. I’ve gotten surprisingly good questions about social recovery from a nontechnical friend:
“Who am I trusting here? Can my coins be seized by the government?”
I pointed to the whitepaper which names Google Drive, iCloud key-value-store and Block’s servers. But what’s a plain english version to explain the trust model in this case?
Use advanced data protection
Advanced data protection doesn’t encrypt iCloud key-value-store only certain app data that use the new CloudKit apis: https://support.apple.com/en-al/102651
The BitKey whitepaper does point out that a government adversary can steal user funds in this case with access to iCloud/GDrive and a legal request to Block (disabling delay and notify).
FWIW I agree funds are safer likely from loss/theft for most users with Block and a trusted contact’s Apple/Google cloud storage (especially compared to the threat of getting a Coinbase account SIM swapped).
I’m just wondering how to describe the trust model with social recovery activated in plain english.
