I'm playing with gun.js and I'm loving it so far. Is it's safe to us gun on the client (especially for .put() calls etc.)?
If I was building a react+redux app and my gun.put() calls came from thunks for example, is that safe? Or is it better to do CRUD operations on the server and just use the Gun client library for retrieving data (.on()) and keeping my redux stores in sync?
I got an answer from @amark (a founder of gun) and he asked me to post the answer here:
What do you mean by "safe"? Yes, you can perform puts from the browser. You also could do it server-side behind some CRUD (but then you'd have to manage AJAX calls and stuff yourself, which sucks. GUN handles browser/server communication for you out of the box).
By "safe" do you mean, is there any security or something that prevents spam? You'd need to run SEA (which is in alpha), you can learn more here: https://github.com/amark/gun/wiki/auth . Without SEA, everything is unfiltered, with SEA updates can be verified.