qwertygerty | 5 years ago

I truly appreciate creators who consider offline first and privacy. Thank you.

"No one but you ... has access to your docs. Not even ... Hush Docs"

The gripe I have with statements like these, which these days everyone seems to make, is that I wouldn't know, and cannot prove that this is true. I just have to take your word for it.

How do we solve, in general, across software, this one problem?

j-berman|5 years ago

For starters, I think the number 1 most important thing is open sourcing code. Everyone should be able to read the entirety of the software's code themselves, verify the claim, build the app from source, and run it locally if desired. Unfortunately not everyone will have the skill to do this, so many will likely have to resort to trust in others to do this verification for them.

Given that this code also runs on a website, you have to trust that the code loaded from the website is the same as the source. Notice this statement I also added in there: "Please be aware: if someone evil... takes control of hushdocs.com, they can access your docs!"

There are some ways to mitigate this:

1. I could offer a native downloadable version of this site, and you can verify the downloaded file's integrity using a hash and signature.

2. I could add a service worker to the site such that after the website loads the first time, you have to manually allow a new version of the site (that would also be signed by me) to load and run in your browser. Check out this blog post for ideas on how to go about this: https://blog.airborn.io/post/2017/08/03/Transparent-Web-Apps...

3. I could host the static site on IPFS and you could rely on a browser extension to ensure the correct site loads, described here: https://blog.cloudflare.com/e2e-integrity/

But at the end of the day, to really verify the claim yourself, you have to be able to read and build the software from source yourself. Otherwise, yep, you are trusting that I'm giving you code that's doing what I say it's doing.
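Added example (not part of the comment above and not Hush Docs code): the hash-and-signature check from item 1, which is also the check an update gate like the one in item 2 would run before accepting a new version. Assumptions: Ed25519 via Node's `crypto` module, a JSON manifest format, the function names `signRelease`/`verifyRelease`, and constructed sample artifacts and keys.

```javascript
const crypto = require('node:crypto');

// SHA-256 of the artifact bytes, hex-encoded.
function sha256Hex(buf) {
  return crypto.createHash('sha256').update(buf).digest('hex');
}

// Publisher side: sign a manifest that binds a version to the artifact hash.
function signRelease(privateKey, version, artifact) {
  const manifest = JSON.stringify({ version, sha256: sha256Hex(artifact) });
  const signature = crypto.sign(null, Buffer.from(manifest), privateKey);
  return { manifest, signature };
}

// User side: accept only if the manifest verifies under the pinned public key
// AND the bytes actually received hash to the value inside that manifest.
function verifyRelease(pinnedPublicKey, release, artifact) {
  const sigOk = crypto.verify(null, Buffer.from(release.manifest),
                              pinnedPublicKey, release.signature);
  if (!sigOk) return { ok: false, reason: 'bad signature' };
  // The manifest is parsed only after its signature has been checked.
  const { version, sha256 } = JSON.parse(release.manifest);
  const expected = Buffer.from(String(sha256), 'hex');
  const actual = Buffer.from(sha256Hex(artifact), 'hex');
  if (expected.length !== actual.length ||
      !crypto.timingSafeEqual(expected, actual)) {
    return { ok: false, reason: 'hash mismatch' };
  }
  return { ok: true, version };
}

// Constructed scenario: one genuine release and two substitutions.
function demo() {
  const author = crypto.generateKeyPairSync('ed25519');
  const other = crypto.generateKeyPairSync('ed25519'); // not the pinned key
  const artifact = Buffer.from('console.log("app v1.0.0");');
  const modified = Buffer.from('console.log("app v1.0.0"); /* modified */');
  const release = signRelease(author.privateKey, '1.0.0', artifact);
  const resigned = signRelease(other.privateKey, '1.0.0', modified);
  return {
    genuine: verifyRelease(author.publicKey, release, artifact),
    swappedFile: verifyRelease(author.publicKey, release, modified),
    resigned: verifyRelease(author.publicKey, resigned, modified),
  };
}
```

A passing check shows the bytes are the ones the key holder signed, not that the code does what it claims; that still takes reading the source, as the comment says.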

londons_explore|5 years ago

A security researcher can typically verify this claim to a fairly high degree of certainty without too much difficulty.

The problem is that at any point the code might change, and unless a security researcher is checking every version, they won't find it. Also, there is no guarantee all users run the same code...