Merge branch 'clarify-threat-model-scope' into 'master'

Clarify the threat model's scope

See merge request zcash-docs/zcash-docs!266

source/rtd_pages/wallet_threat_model.md

@@ -1,11 +1,13 @@
 Wallet App Threat Model
 ========================
 
-This threat model is intended for curious technical users of the ECC wallet
-apps as well as developers making use of the SDK in their own apps. See the
-[Invariant-Centric Threat Modeling](https://github.com/defuse/ictm) for a
-complete explanation of the threat modeling methodology we use. Here's a
-short summary of the methodology:
+This threat model is intended for curious technical users of the ECC wallet apps
+as well as developers making use of the SDK in their own apps. The threat model
+applies to the internal ECC reference wallet, and should apply to any Zcash
+wallet built on top of the ECC SDKs, unless significant modifications have been
+made. See the [Invariant-Centric Threat
+Modeling](https://github.com/defuse/ictm) for a complete explanation of the
+threat modeling methodology we use. Here's a short summary of the methodology:
 
 - This document lists "security invariants" that the apps and SDK should
 currently provide. Users and developers *should not* rely on any security or
@@ -259,4 +261,4 @@ running on.
 - More fine-grained models of adversaries, e.g. one that has eclipsed the
 lightwalletd node but has not been able to compromise it fully.
 
-These shortcomings will be addressed in future updates to the threat model.
+These shortcomings will be addressed in future updates to the threat model.