This looks really cool, except for this: "I'm using Firebase Authentication for sign-ups, so I can't see the passwords."

Firebase is a proprietary Google service. So, instead of the passwords being sent to chirp.social, which could hash it for security, it's sent to Google, and nobody knows what they do with it.

I wouldn't create a group on it for that reason. And I wouldn't consider it truly open source because of that dependency.

@feditips