by heapwolf
926 days ago
The development pattern with Socket runtime is dramatically simpler and more secure than Electron or Tauri because we've made the Main process optional. When you build an Electron app, for example, you spend a huge amount of time and energy marshaling data between the UI and the Main process. You end up essentially designing your own routing system. That can be a lot of work to maintain. In terms of security, an optional Main process means a smaller surface area to worry about when considering your end-user's safety. Historically, the super strict separation of UI and Main was implemented as a security precaution. For example, you didn’t want the front end doing naughty things to your file system, because after all, who knows when a rogue request might be somehow injected or some data may be unescaped. But in reality it didn't resolve the problem, it just moved the risk into Main - where the same problems still exist, because Main is an arbitrary binary with many most likely unaudited, transient dependencies, and unmitigated access to the OS. We reduced the overall surface area and locked it down with CSP (a web standard) to granularly control 100% of the native capabilities. In other words, there is less solution-specific ceremony to spend time on, you get to focus on your real problems.