Bit of an odd intro: I'm a carpenter, 42 years at the bench. I'm the type who can't stand making the same thing everyone else makes, so I've always chased the technical side too - CNC, laser cutting, and lately building software to run my machines.
At some point I wanted to send my own designs to people without them leaking anywhere, and I went down the rabbit hole of how messaging actually works. What got me was realising how much of the "free" stuff is paid for with our privacy. That annoyed me enough that I decided to build my own messenger, mostly to learn. It grew from something simple into a real thing. I called it Sherlock.
Two things I cared about: proper encryption, and NOT tying it to a phone number - I built a different system for that.
I'm not going to pretend I reinvented cryptography. I'm a woodworker who got obsessed. So I'd rather hear it straight from people who actually know this stuff:
- How much does the "no phone number" approach really buy you if I get the rest wrong?
- For a small independent project, what's the bar before any of you would even consider trusting it - open source, audit, something else?
Genuinely here for the criticism, not the pats on the back.
I won't argue with how you meant it. I had a feeling and I wrote it the way it sounded to me - if you say it was different, then fair enough, but the other side receives it the way they read it. That's just how it goes, and it's not an attack on you.
And if some people here don't like AI, I can't help that. I came for advice, for solutions. I'm constantly learning, and I'd say that to anyone who wants to show they can make something. I'm a man who keeps learning - and the fact that I mentioned my grey hair and that I'm a carpenter, I'm proud of that. Proud that I made something I never studied in school.
That's the whole point for me: I respect people who have no idea what they're walking into and end up doing it anyway - sometimes better than the experts who studied ten years. That person means more to me than someone with "engineer" in front of their name.
I'm not hiding the AI under the rug. Everything I made, I made with AI. My ideas, my visions - it just helped turn them into something real.
I don't know you. Maybe you're an engineer, a doctor, an astronaut - I've no idea. To me you're a person I'm talking to, maybe on the other side of the planet, and what made that possible? AI. That's the point. I'm not here to fight or wind people up. Let's just live, not pick at each other over who does or doesn't use a tool.
If you don't like it, that's OK - we just say hi, goodbye, and our paths part. No hard feelings, and I mean that with a smile.
One principle I hold: you never really know who you're talking to. I could be a craftsman, a teacher, or a director at a big company. You never know when you might need the other person. And if anyone thinks chats are just a place to hide behind - that's not my style.
(Note: English isn't my first language - I write in my own and AI helps me translate.)
You asked for criticism and advice, and that's exactly what I offered. It's based on my own experience here. I was offering it to be helpful. Just what exactly are you trying to achieve with this response? Because yeah, I'm not getting attacked, I'm getting lectured. For offering advice when it was solicited.
I'm certain you don't see the problem here, so I'm out. But for the love of Christ, just use AI to set up, harden, and manage a Matrix server instead of wasting tokens building your own application. You'll end up with something much more secure than an app with a possibly-bad crypto implementation that you don't have the experience to see, find, or fix.
You're right, and I owe you an apology. My frustration in that earlier reply wasn't aimed at you - it was about a pile of "you're a bot / fraud" comments, and you got caught in the blast. That wasn't fair. Your advice was genuine and useful, and you didn't deserve to be lumped in with that.
The Matrix-server point is well taken, honestly. You're right that I don't have the experience to find and fix a bad crypto implementation alone - that's exactly why an external review matters before I'd ever tell anyone to rely on it. I hear you.
Thanks for taking the time, twice. I mean that. Sorry it landed as a lecture - that's on me.
(English isn't my first language - AI helps me translate.) Sorry
Ah, you're alright mate. Like I said, I got the same guff when I posted my first project here, and it sucked. I wanted to offer my advice because I think it's brilliant that AI is opening up development to a whole new raft of people, and I'm excited to see more people building neat little software projects that fill their needs - we get to watch peoples' journeys unfold through repo commits. It's like watching someone's first Dark Souls playthrough.
I have another bit of feedback which I hope might be helpful: Everyone is building an encrypted messaging app these days. Do something new, and use your carpentry experience to inform what that something is. You have a wealth of knowledge and this thing is an incredible tool for augmenting that, see if you can solve an old hard problem with it!
See, now I want to help again. What tools are you using and do you have any harnesses set up and what's your system prompt like? The beautiful thing about agents is that you can just point them at repos and have them cherrypick the useful bits. Here's a few that you may find useful:
on_outputhook, but it includes my custom self-checking harness that I built for myself as well)