Frames are very cool, but can someone help me understand the security model? What’s the risk associated with malicious frames? I hope there aren’t wallet-draining possibilities here, but would love to have that confirmed.

Technowatermelon. Elder Millenial. Building Farcaster. 

nf.td/varun

Is the only input a user can send the data about where they clicked? I.e. can’t send a text string or a seed phrase or any user generated data like that?

None in the current design. It's just a widget that renders some pictures and buttons and sends you a predefined EdDSA signature. 

Privacy wise, assume everything you do inside a frame is visible to the developer. Similar to the general Farcaster model where most actions are public.

Curious about this too. I get a mini panic attack everytime I engage w a frame. 🙈🫠