Sorry, I originally started this post and wasn’t getting an immediate response so i submitted a ticket later on. I see your point on only one person being able to start a form so rights at the default stage shouldn’t matter for the rest of the roles, but each stage in our forms has a “reject” path that sends the form to the previous stage. So if a stage 2 user opens a form at stage 2 through an email link, and decides the submitter has forgotten to attach something or (and this is just me thinking maliciously) maybe they want to change something in the form, and they have figured out that their role has unlimited rights to change a form at the default stage. They could resubmit it if they reject it back to the default stage. They could open the link they received previously after they have rejected the form back to the submitter and before the submitter has gotten a chance to get into the form, make any changes, and resubmit the form. Now we have put things in place like a signature line that gets filled with the users name and date that clicks the submit button, and I would like to think that this is something that would be noticed fairly quickly. However, being a financial institution, it’s not something we feel comfortable leaving to chance, and seems like if we could just control a field state for “unspecified” and treat it like an individual role, that would solve our problem.