Security Goals

ONE Wallet is designed with these goals in mind for security:

Resilient. Funds are recoverable through time locks and multiple safety nets. No single point of failure such as thefts, cracks, loss, censorship or coersions is catastrophic.
Sufficient. All steps are well defined without delegating to hardware devices or seed phrases in safety boxes. Users do not need any passwords or rely on biometrics.
Anonymous. An account is a fresh cryptographic hash, not tied to existing systems or real-world identity. Derived paths support multiple public keys to protect privacy.

Composable. One-time or low-entropy passwords are useful for small funds. Multiple authentications can independently boost protection thresholds against brute-force.
On-chain. A decentralized network with high stakes and fast finality validates all transactions. Its platform has sustainable incentives and open governance to evolve.
Programmable. Operations can call third-party contracts, store history of states, or upgrade its code. Complex applications may use oracles of time, locations and events.

Self-Sovereign. No third parties, government documents, designated guardians, backup servers or hardware enclaves are necessary. Users have full custody and self control.
Air-Gapped. Key-loggers and man-in-the-middle attacks are minimized. The full parameters of transactions are easy to verify and approve without cables or cameras.
Verified. Trusted are only open source and hardened cryptography. Formal verification, through logical frameworks, assures end-to-end security beyond tests and audits.

Tradeoffs

There may be conflicts, tradeoffs or impracticality of the goals above. Here's our rule of thumb:

Toward validating our innovation with 10k users (each with $100 assets), focus on these three goals: sufficient, resilient and composable.
Toward adopting our product with 1m users (each with $1k assets), differentiate with these three goals: on-chain, self-sovereign and air-gapped.