WebRTC is a protocol, you can use it in both web apps and mobile apps.

If I remember well it was used as a trick from Facebook to leak personal data using the SDP.

That’s vibe coding.

What about Bitchat?

We should support our fediverse admins and instances 💪 Support by sending money (for people who can), moderating content, submitting issues or helping the team and project ✌️

It is complicated. He says true. And maybe your need to use GrapheneOS is relevant. If you have a smartphone without cellular connection, for a daily usage, FMPOV it is a non-sense in case of emergency. It is a risk you will have to take, I can’t disagree your dad. And what about your solution but with a SIM card with very few data and SMS available, through a SIM card you can keep aside your phone and insert when needed?

Did you have a look on Cake Wallet app? Open source under MIT license and available on F-Droid.

https://github.com/cake-tech/cake_wallet

If you are worried about your privacy, yes, you must get rid of Google Play Services. However a majors part of your apps may be broken as too much rely on this services and only in those services.

If you want apps to based on this layer of Google mess, have a look on some open spruce alternatives of your favorite apps. Maybe some of them won’t embed Google Play Services. But keep in mind you may lose some features like notifications from Google devices or fine tunes location.

You can have a look on microG or Open GApps for alternatives. However you may need to hack your device to flash them.

What you can do, for example:

• check if you can flash alternatives (possible to root and before unlock the boot loader)
• maybe check if you can flash another ROM ; projects list the compatible devices. Have a look on LineageOS, GrapheneOS or also /e/OS

It is always the same issues in fact. You should consider your threat model before all. Then, consider the Signal app, then your iPhone supposed to be updated, trusted, with ADP enabled, biometric lock with erasure after 10 failures, etc. Then consider your ISP, then your country. Etc, etc. You should also compare the contexts. Is an iPhone “better” than a low or middle ranges Android-powered smartphones? For sure, yes. Is it better than high-range expansive smartphones with Android ? Or Pixel ones? Not that sure. And compared to GrapheneOS or /e/? Pretty sure not that much. You can also compare messaging solutions. Is Signal better than WhatApp? Of course yes. But what about XMPP and Matrix for example?

And what are your use cases? Remember your threat model. If you are an activist, a journalist or a whistleblower your needs may be different than a “commons citizen worried about its privacy.

In few words, the only pain point I see is the fact than iOS is proprietary and runs non libre source code and Apple devices than APN. But Android devices are not so much different. It does not mean the solution is not private or efficient, if we succeed in defining a definition of “private or efficient”.

In a nutshell, it could be considered as good. But not perfect.

Any ideas for E2E encrypted storage alternatives?

Be sure also the issues you have in your project have the suitable labels to help future contributors to pick easily some of them, i.e. labels like “help wanted” or “good first issue”.

You can also refer to best practices listed and explained for example in Advent of Open Source so as to have a nice and user-friendly repo: https://adventofopensource.com/

Have a look on Organic Maps (https://organicmaps.app) or OSMAnd for example (https://osmand.net/).

BTW I hope any project won’t increase the Z version only by including Dependabot commits, it would be insane. Release must be documented, tested, with CHANGELOG updated. If some maintainers just accept Dependabot commits without checking, move away. That’s just simple crappy auto-merge.

Nice idea 👍