I don't understand this mindset.
In open source, both malicious actors and contributors will try to find problems.
In closed source, the development team is paid by hour (and probably don't care about the product quality) and the only motivated people to find real issues are malicious actors.
But people still consider closed source safer.
That smokescreen argument makes a lot of sense. Both the company and our clients, tend to opt for ready out-of-the-box proprietary solutions, instead of taking responsibility of the maintenance.
It doesn't matter how bad or limiting that proprietary option is. As long as it somewhat fits our scenario and requires less code, it's fine.
Pinky promise
WireGuard supports mesh as well, but it requires to manually configure all the keys and all the IPs on all devices.
There is wgsd, which supposedly makes WireGuard mesh networking easier, but I haven't tried it.
Is this like Tailscale? Maybe closer to Headscale, as tinc seems to be completely self hosted.
I think the OP is looking for a decentralized alternative to something like Nord/Express/Mullvad to hide their traffic, and not a way to connect their devices together.
Christ without HR is just Cist
I have Signal and microG with push notifications. Signal still uses websocket on my device. So, I guess it would be fine without microG push.
I prefer nix package manager honestly