pull down to refresh
338 sats \ 3 replies \ @k00b 21h \ parent \ on: Wallet-stealer malware on macOS: here’s what I built to solve it privacy
This
and
are inconsistent with each other.
No one should download this. You're an internet anon making promises about what happens after a leap of faith is already taken.
No promises - if you don’t feel safe, definitely don’t install. I’ll work on getting a minimal version open sourced ASAP. Until then, treat it like a curiosity or don’t touch it at all.
Main reason for closed-source: I’m paranoid about leaking stuff that could be exploited, and the code is still a mess. I plan to open-source once the core is stable and not embarrassing.
reply
I’m paranoid about leaking stuff that could be exploited
You said it works offline. From your site:
Works Offline: Core protection features function perfectly without an internet connection.
So what could there be to exploit?
I plan to open-source once the core is stable and not embarrassing.
You're too embarrassed to show your code, but you're not too embarrassed to ask people to trust you with a tool that probably requires root access?
ShieldKey monitors file access, blocks malicious sites/extensions, checks network connections, and guards system files—all in real-time, locally on your Mac.
reply
Fair enough. Not open-sourcing from day one isn’t about hiding anything malicious; it’s just me being a perfectionist about code quality and avoiding ‘script kiddie’ exploits while things are still raw. No one should trust a new closed-source security tool, especially one that touches wallet files.
If anyone wants to audit or review, I can provide limited source or walkthroughs privately for now. Full open source is the plan after v1 beta feedback and tightening up anything stupid I missed as a solo dev.
Not trying to ‘hide’ - just not ready to defend half-baked code in public yet.
If that’s a dealbreaker, 100% respect that, app’s not for you (yet).
reply