This is good information. How can a user of a fedimint federation verify the federation can’t see user transactions (that the fedimint server software hasn’t been modified from what is open source). Or is the user/client trusting the federation solely based on reputation?