Access History 2

As a document author, I want to see the timestamps of access for different users because I know who has which state of information.

Honest user stories Read More

Ownership

As a owner of the document, I want to share it with one of my contacts so I add them as an owner. (I have no idea what "owner" means)

Shit user stories Read More

Efficient smartphone login

As a mobile device user, I want to generate a short-lived QR code to authenticate my secondary devices so that I can bypass the slow and battery-consuming key derivation process that happens at login.

Honest user stories Read More

Limited account creation

As a administrator with limited disk space, I want to prevent malicious users from registering many accounts to bypass the storage quotas because I can continue to provide a public service for honest users.

Admin stories Read More

Access History

As a participant, I want to hide the timestamps of my access because my collaborators can not infer when and how long I worked.

Honest user stories Read More

“Access lists” without “access”

As a owner of a sensitive document, I want to add someone to the document's access list without actually giving them its keys because it remains secure. (???)

Shit user stories Open Story

Loading docs on mobile

As a smartphone user, I want to open a CryptPad document but it doesn't load.

Shit user stories Open Story

Contributor attribution

As a document's creator, I want to see who made which changes so that accurately assign credit or blame.

Honest user stories Read More

Account impersonation

As a malicious actor, I want to appear to be the account of a known target in a group because their friends will add me as a contact and share documents with me.

Evil user stories Read More

Delegated upload quotas

As a registered form author, I want to add an upload question to my form so that people can submit images/files as part of their response.

Honest user stories Read More

Document format upgrade

As a document owner, I want to upgrade my document to a new format without fully breaking existing so that I can enjoy its new configuration options without great inconvenience.

Honest user stories Open Story

Uncertain folder membership

As a creator of a shared folder, I want to lose track of who has access to the folder so that cannot accidentally reveal confidential information.

Shit user stories Open Story

Malicious JS - DNS variant

As a authoritarian regime, I want to compel DNS server operators to direct users to my custom CryptPad front end because I can serve whatever JS I want and use people's keys to load from the actual API server.

Evil user stories Read More

Malicious JavaScript

As a state actor, I want to seize a heavily used CryptPad server and serve malicious JavaScript because I can actively collect the keys to every document when users visit the site.

Evil user stories Read More

Bulk settings updates

As a user with many documents, I want to select a group of folders and/or files and recursively apply a metadata change so that I can effectively exercise control over who accesses them without having to perform a tedious, repetitive task.

Honest user stories Read More

Ownership 2

As a registered user, I want to destroy a document I created but I did not choose to be an owner when I created the document.

Shit user stories Read More

Terrorist cells

As a white supremacist, I want to take advantage of free online services which make it difficult/impossible to analyze my social graph and similar metadata because I can coordinate with my local, national, and international terrorist networks without facing any consequences for my horrendous behaviour and beliefs.

Evil user stories Read More

Account verification

As a activist, I want to verify the identity of my contacts because be sure that I share my sensitive documents with the right peers.

Honest user stories Read More

ciphersuites

As a high-risk user, I want to use the most-secure cryptography for all my documents so that my old documents are not readable by modern adversaries with new capabilities.

Honest user stories Read More

Admin onboarding

As a instance administrator, I want to generate individualized or multiple user invitation codes because I can onboard my friends while keeping registration closed to the public.

Admin stories Read More

Feature telemetry

As a CryptPad developer, I want to measure how often a feature is used and by how many people because I can decide whether its possible improvements should be prioritized.

Developer stories Read More

Instance telemetry

As a CEO of XWiki, I want to collect telemetry indicating the number of active users and documents on a third-party instance because I can include those metrics as a KPI in grant proposals.

Business stories Open Story

Legal operation

As a CEO of an SME, I want to offer hosting of premium CryptPad accounts to individual users because I can help sustain the development of the software and eventually make a profit.

Business stories Open Story

CLI API

As a self-identified power-user, I want to automate some actions on my account with a headless JavaScript API so that I spend less of my time manually clicking through tedious browser UI.

Honest user stories Read More

Police informant

As a law enforcement officer, I want to see who edited a document over its history because I can add to the data I am collecting about a movement to track it down.

Evil user stories Read More

Bulk team onboarding

As a teacher with many students, I want to simultaneously invite many (20+) users to a team so that I can onboard my whole class without wasting a lot of time clicking to generate invitations.

Honest user stories Read More

Honeypot operator

As a intelligence agent, I want to list my malicious server as a public instance on cryptpad.org because I can compromise a particular demographic of users. (e.g., climate activists in France)

Evil user stories Read More