CryptPad User Stories
Account verification
As a activist, I want to verify the identity of my contacts because be sure that I share my sensitive documents with the right peers.
Honest user stories Read More“Access lists” without “access”
As a owner of a sensitive document, I want to add someone to the document's access list without actually giving them its keys because it remains secure. (???)
Shit user stories Open StoryBulk team onboarding
As a teacher with many students, I want to simultaneously invite many (20+) users to a team so that I can onboard my whole class without wasting a lot of time clicking to generate invitations.
Honest user stories Read MoreAccess History 2
As a document author, I want to see the timestamps of access for different users because I know who has which state of information.
Honest user stories Read MoreDelegated upload quotas
As a registered form author, I want to add an upload question to my form so that people can submit images/files as part of their response.
Honest user stories Read MoreOwnership 2
As a registered user, I want to destroy a document I created but I did not choose to be an owner when I created the document.
Shit user stories Read MoreDocument format upgrade
As a document owner, I want to upgrade my document to a new format without fully breaking existing so that I can enjoy its new configuration options without great inconvenience.
Honest user stories Open StoryHoneypot operator
As a intelligence agent, I want to list my malicious server as a public instance on cryptpad.org because I can compromise a particular demographic of users. (e.g., climate activists in France)
Evil user stories Read Moreciphersuites
As a high-risk user, I want to use the most-secure cryptography for all my documents so that my old documents are not readable by modern adversaries with new capabilities.
Honest user stories Read MoreEfficient smartphone login
As a mobile device user, I want to generate a short-lived QR code to authenticate my secondary devices so that I can bypass the slow and battery-consuming key derivation process that happens at login.
Honest user stories Read MorePolice informant
As a law enforcement officer, I want to see who edited a document over its history because I can add to the data I am collecting about a movement to track it down.
Evil user stories Read MoreOwnership
As a owner of the document, I want to share it with one of my contacts so I add them as an owner. (I have no idea what "owner" means)
Shit user stories Read MoreMalicious JavaScript
As a state actor, I want to seize a heavily used CryptPad server and serve malicious JavaScript because I can actively collect the keys to every document when users visit the site.
Evil user stories Read MoreAccount impersonation
As a malicious actor, I want to appear to be the account of a known target in a group because their friends will add me as a contact and share documents with me.
Evil user stories Read MoreBulk settings updates
As a user with many documents, I want to select a group of folders and/or files and recursively apply a metadata change so that I can effectively exercise control over who accesses them without having to perform a tedious, repetitive task.
Honest user stories Read MoreInstance telemetry
As a CEO of XWiki, I want to collect telemetry indicating the number of active users and documents on a third-party instance because I can include those metrics as a KPI in grant proposals.
Business stories Open StoryAccess History
As a participant, I want to hide the timestamps of my access because my collaborators can not infer when and how long I worked.
Honest user stories Read MoreAdmin onboarding
As a instance administrator, I want to generate individualized or multiple user invitation codes because I can onboard my friends while keeping registration closed to the public.
Admin stories Read MoreLoading docs on mobile
As a smartphone user, I want to open a CryptPad document but it doesn't load.
Shit user stories Open StoryTerrorist cells
As a white supremacist, I want to take advantage of free online services which make it difficult/impossible to analyze my social graph and similar metadata because I can coordinate with my local, national, and international terrorist networks without facing any consequences for my horrendous behaviour and beliefs.
Evil user stories Read MoreMalicious JS - DNS variant
As a authoritarian regime, I want to compel DNS server operators to direct users to my custom CryptPad front end because I can serve whatever JS I want and use people's keys to load from the actual API server.
Evil user stories Read MoreLegal operation
As a CEO of an SME, I want to offer hosting of premium CryptPad accounts to individual users because I can help sustain the development of the software and eventually make a profit.
Business stories Open StoryLimited account creation
As a administrator with limited disk space, I want to prevent malicious users from registering many accounts to bypass the storage quotas because I can continue to provide a public service for honest users.
Admin stories Read MoreUncertain folder membership
As a creator of a shared folder, I want to lose track of who has access to the folder so that cannot accidentally reveal confidential information.
Shit user stories Open StoryCLI API
As a self-identified power-user, I want to automate some actions on my account with a headless JavaScript API so that I spend less of my time manually clicking through tedious browser UI.
Honest user stories Read MoreFeature telemetry
As a CryptPad developer, I want to measure how often a feature is used and by how many people because I can decide whether its possible improvements should be prioritized.
Developer stories Read MoreContributor attribution
As a document's creator, I want to see who made which changes so that accurately assign credit or blame.
Honest user stories Read More