Ask HN: What should I verify before releasing a P2P messenger?

I’m releasing 1.0 of an open-source desktop P2P messenger tomorrow - Realman78/Kiyeovo on GitHub. In short, it's a feature rich messenger with clearnet “Fast mode” and an optional Tor-routed “Anonymous mode.” Before the "release" tomorrow, I want to catch anything I might have missed.

For people who have shipped tools from this domain (privacy/messaging/security): what would you verify now that you have less than 24 hours?

5 points | by Realman78 2 hours ago

1 comments

  • fullstick 51 minutes ago
    What have you already verified?
    • Realman78 42 minutes ago
      I have verified that the app works without an issue on clean installations of Ubuntu, Debian and MacOS. I have spent the last 2 days testing the app by pretending to be a malicious user and patched those holes up. I ran the whole app through a detailed security scan using Fable. I went through the whole app and reduced metadata leakage to a bare minimum required by the app to work. I implemented all electron security recommendations. Currently, I'm just doing manual testing which mostly doesnt bring up any bugs, but rather some UI issues (like flickering or text going out of bounds) that I immediately patch