closed source custodial nostr clients are a threat to users and during these early days of nostr adoption represent an existential threat to nostr
if a non sovereign client or tool accrues significan...
Curiously "closed source" is not at all the issue here.
This is a shared custody situation which is arguably worse than custodial as it produces plausible deniability for both parties.
If a custodial service does funky things with the stuff under custody, all know they did and the question is if the owner asked them to do so. Here, users could do funky stuff and claim ZEBEDEE did or they could have a rogue employee doing the funky things and nobody would know.
As for the open/closed source situation: In nostr, keys can be protected from closed source clients quite efficiently already and should never be provided to any client regardless of the source being available.
This is a shared custody situation which is arguably worse than custodial as it produces plausible deniability for both parties.
If a custodial service does funky things with the stuff under custody, all know they did and the question is if the owner asked them to do so. Here, users could do funky stuff and claim ZEBEDEE did or they could have a rogue employee doing the funky things and nobody would know.
As for the open/closed source situation: In nostr, keys can be protected from closed source clients quite efficiently already and should never be provided to any client regardless of the source being available.