- How to create the three keypairs and give the private keys of the multisig addresses to three different Escrow agents in such a way that the private keys are not revealed to anyone (even the creator)?
The escrow agent, Alice and Bob would probably have a key each which they can determine on their own.
It's possible to get them to sign a piece of data to prove they own that private key and then reveal the public keys but such a step would be unnecessary.
- After Bob performs the transaction from his wallet to the multisig address wait for 6 confirmations before lending him $8,000.
If neccessary then yes
- Reveal operation's details (when and where) only to people involved.
What? You mean for if there are only two people. I think it would currently impossible to do that unless there's a proof for the blockchain without haviing both parties trust each other. A hostage situation whereby bob doesn't repay but tells alice she can get half her funds back could be odne fairly easily.
- What's best cold storage method with pros and cons? (i.e. HW wallets: if the period T is relatively long, new firmware may be released to patch vulnerabilities. An update process needs to be defined)
Firmware updates will do nothing. Most hardware wallets are open source or are compatible with clients such as electrum.
The nmemonic phrase is also compatible with electrum with a small amount of tweaking.
- Transfer 1,5 BTC to either Alice or Bob according to agreement outcomes. Is this probably the least risky step in the list?
The bit that's missing is probably the fact that the fiat transfer will likely have to go through the escrow agent.
There would be obvious issues with doing a cash in hand transfer too - unless it's done in well secured public premises.