I think we still have plenty of time to figure out these before anything gets set in stone, but I also believe the way SAFE is built makes things rather flexible.
From among my ideas, the master account idea is backwards compatible with just having independent accounts, and themes could be implemented as a folder with some JSON+images to which all installed apps would automatically receive read-only access: it’s all just conventions.
However, that’s exactly the point: it’s harder to change something when people are already used to it, so we could might as well start out with something good enough that it won’t need much changing.
Well, yes. However, as logging in to a master account would introduce ambiguity (which child persona should the app use?) why not decide master accounts are just “private containers,” and apps logged on to them should not use a public profile (i.e. it’s no longer a question which child persona we should use.)
Master accounts would still be useful for organizing personal stuff (e.g. copying between accounts) but they wouldn’t be very useful for social apps, which means people would not be logged on with them on their stupid phones unnecessarily.
As a random thought, how would public IDs tie in to @Seneca’s Decorum thing?