pull down to refresh

It's good, really solid for a new app. The UX feels a little more Android-y than Damus, if that's something you care about.
One thing that I don't like is that it doesn't appear to be open source, and I don't appear to be able to use a proxy to see what traffic is being sent where (Damus is both open source and I can proxy the traffic). Granted, that could be for better security (e.g. if they're using certificate pinning)
If you care about privacy that might be a reason not to use it for now. Maybe someone from the team can chime in on this.
reply
I'm not pasting my private key into a closed source client. Who knows what they are doing with it.
reply
unless you compiled your open source client yourself you don't know what the "open source" client is doing with your key either. the compiled version from the app/play store can be different from the publicly released code and you would never know it.
reply
Yes, hence the need also to proxy.
With both you can keep an eye out for any unusual looking identifiers being passed around, tie that back to the code and if not, ask questions in public.
reply
Very true, although that is a more expensive attack to pull of successfully
reply