Setups should be thought of as varying levels of multisig in complexity and sovereignty.
As I mentioned with nostr:npub1vgldyxx7syc30qm9v7padnnfpdfp4zwymsyl9ztzuklaf7j5jfyspk36wu, let’s say you have someone who’s buying their first bitcoin. You just onboarded your friend basically.
Well then maybe the setup should be that you have a key, your friend has a key, and the wallet provider has a key. That way this person can come back to you and still recover funds in case anything goes wrong.
It leverages local trust, instead of some huge, distant corporate (or scam wallet) trust model.
Then this can have all sorts of default variations based on the level of user skill and knowledge. 3/7 for someone who really needs help, but has a ton of funds, and has a spouse/friend they trust with a device also. Use tapsigners for main keys because they are super easy and have no input or UI complexity. They always work and you just keep them in your wallet. Multiple options for recovery, and to them it’ll look like just “tap to sign” because their phones auto sign with a local key too.
This way if they lose their phone, tapsigner, and additional key, it can still be recovered through their group. The UX challenge for something like that is mostly in the setup process.
But then there are all sorts of options in between, as well as timelocks: in the case of too many keys lost, let recovery still be possible on one key, with a 3 month delay, etc.
Just lots to explore and it could be hidden for the user behind, “just have these devices” or “just have this person confirm,” or “just tap this card,” etc.
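To make the recovery trade-offs above concrete, here is an added example (not part of the original post) that enumerates every key-loss scenario for the friend/provider setup and the 3/7 group and reports which remain spendable at once, after the delay, or not at all. It assumes a 2-of-3 threshold for the three-key setup, a fallback of any single key, and 90 days for the "3 month delay"; all names are hypothetical.

```python
from itertools import combinations

BLOCKS_PER_DAY = 144                   # Bitcoin targets one block per ~10 minutes
RECOVERY_DELAY = 90 * BLOCKS_PER_DAY   # "3 month delay" taken as 90 days (assumption)


def spend_path(keys, threshold, held, coin_age_blocks, fallback=1, delay=RECOVERY_DELAY):
    """Return 'multisig', 'timelock' or None for the signers in `held`.

    Models a policy of the shape
        or(thresh(threshold, keys...), and(thresh(fallback, keys...), older(delay)))
    where the relative timelock counts blocks since the coin was confirmed.
    Pass delay=None for plain multisig with no timelocked fallback.
    """
    available = len(set(held) & set(keys))
    if available >= threshold:
        return "multisig"
    if delay is not None and available >= fallback and coin_age_blocks >= delay:
        return "timelock"
    return None


def loss_report(keys, threshold, **kw):
    """Count key-loss scenarios by outcome, assuming the coin is left to age."""
    report = {"immediate": 0, "delayed": 0, "unrecoverable": 0}
    for n_lost in range(len(keys) + 1):
        for lost in combinations(keys, n_lost):
            held = set(keys) - set(lost)
            path = spend_path(keys, threshold, held, coin_age_blocks=10**9, **kw)
            outcome = {"multisig": "immediate", "timelock": "delayed", None: "unrecoverable"}[path]
            report[outcome] += 1
    return report


# Constructed setups from the post: user + friend + wallet provider, and a 3/7 group.
ONBOARDING = ["user", "friend", "provider"]
GROUP = [f"key{i}" for i in range(1, 8)]

if __name__ == "__main__":
    print("2-of-3 + timelock:", loss_report(ONBOARDING, 2))
    print("2-of-3 plain:     ", loss_report(ONBOARDING, 2, delay=None))
    print("3-of-7 + timelock:", loss_report(GROUP, 3))
    # One surviving key: blocked until the coin is RECOVERY_DELAY blocks old.
    print(spend_path(ONBOARDING, 2, {"friend"}, coin_age_blocks=1000))
    print(spend_path(ONBOARDING, 2, {"friend"}, coin_age_blocks=RECOVERY_DELAY))
```

The fallback cuts both ways: once a coin is older than the delay, any single key holder can spend it, so a setup like this has to move or refresh coins before the delay expires.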