(no title)

My main takeaway is that, for all of its footguns, React has solved a lot more problems than it created: Even for this rather simple app, the number of invariants that need to be preserved is large enough that doing jQuery-style UX feels like hand-writing assembly. I know from other projects that React's performance is quite a thorny issue, though I now wonder if that's because we're treating it as a library (as advertised) when instead we should maybe treat it as an optimizing compiler for a far too liberal language (there's only so much you can optimize when some <script> you have no knowledge of can pull the rug).

I've also learnt that post-html5 web specs are still annoying, inconsistent or downright missing. I guess that the committee is mostly happy with that outcome but it's almost 2024, can we get TypedArray.to/fromBase64() already?

> How do you plan to monetize it?

I don't, not really. Pushing ads, even if it could be done without compromising security, might trigger paranoia in some users for example when the interested in private communications data point leads to the user seeing ads for other encryption solutions, some of which may be formulated as they're always watching you!.

On a tangential matter, I'm currently looking for contracts. Send me a message if you like what you've read and are willing to retain LLC external contractors (US east coast or EU time zones). My services are not cheap, but (I like to think that) they are top shelf.

> How do you plan to keep this running in the future?

It's pretty cheap as there's no real infrastructure to speak of. All cryptography is done in the browser and while there is a server, it is only used to deliver the static html page (~12KiB when gzipped). Most of the distribution cost is currently offloaded to the proxy provider and while they are well within their rights to pull the plug at any time, my current choice has a proven track record of doing the opposite for the internet equivalent of public infrastructure: <https://blog.apnic.net/2021/06/17/how-a-small-free-ip-tool-s...>.

Other than my time, the only thing I've paid for thus far is the domain name, and I can likely personally afford the renewal fees for the foreseeable future.

> You mentioned repudiation. What's that about?

Because all secrets are deleted upon (successful) use, both parties can claim to have no knowledge of any secret exchange since there's no hard evidence that can pin them to it. They can argue that either their respective platform accounts or their user agents were compromised and those statements are irrefutable without further evidence. That being said, the exchange itself is part of the public record and may (I am not a lawyer!) constitute reasonable suspicion for an officer of the court to issue a warrant that could lead to the discovery of said evidence.

> I want to buy you a coffee, how do I go about doing that?

Accepting donations is something that I have considered, but have currently decided against because profiting from this feels unfair to the proxy. While this is subject to change in the future, it will only do so if the projected donations can cover the distribution costs (e.g. via a paid plan or self hosted).