i still think this is a bad idea, and i'm not gonna be smiling when i'm proven right
this is also the same reason why i'm utterly unimpressed by bitwarden
it's security 101: don't send a signal at all over an insecure channel if that can leak valuable metadata to an attacker about timing and location
if it only ran on Tor that would be ok, but that's not gonna be the way it works, is it?