Oddbean new post about | logout
 sounds like you think using Aqua on iOS is a significant risk. If I understand you correctly, what are the threat vectors?

Assume friend uses the Aqua app while on a data VPN such as a BTC-paid anon ProtonVPN account with secure recovery email and self-custody of email storage keys. 
 No I'm referring to iOS itself 
 threat vectors are pretty basic opsec questions