correct me if I’m wrong but this is an issue with every single centralized services, wallet or client-server protocol.

of course there are mitigations against it that can be taken both on the server as well as client side. the protocol can be reinforced as well on the privacy side. we are definitely looking at all available options.

not sure what you mean by “run a service”