Threat modelling like STRIDE for overall security design/principles

[AlexMikhalev]

I think we need to add a threat model, like https://en.wikipedia.org/wiki/STRIDE_(security) into our documentation and also highlight how atomic data server features prevent common threats: Threat Desired property Spoofing Authenticity Tampering Integrity Repudiation Non-repudiability Information disclosure Confidentiality Denial of Service Availability Elevation of Privilege Authorization

For example, what if I want to take over an agent account and I will brute force the private key?