Support a static client via electron or similar

punk

Hey folks! Love what you're doing here, but the active attack via servers delivering compromised client code is a turn-off for me. I understand that the team doesn't have the bandwidth for a full client-side application, but I wonder if using electron to create a static client would be feasible? If you could have each build of the system spit out the server, the web client, and (from the web client) an electron app, you would give folks the choice to eliminate that attack vector.

Mathilde

Hello,

Thanks for reaching out and for your interest in CryptPad!

As far as I understand, your proposal would only displace the problem of trust from the server, to the application you downloaded. Which could be also altered in many different ways.

However, we understand the necessity of reducing the amount of trust given on the service operators. While we didn't came up with a solution yet, it's something we have in mind and will try to work on.

Have a good day!