This is great and kudos to coindaddy.io … but is there a risk of noob users being unsure which servers can be trusted if more than a few pop up? I wonder it would be too trivial to hack a difference that compromises wallets and sends data to server. What stops simple spoofing a honey trap password box?.. Are we limited to knowing which are trusted hosts?.. Is counterparty listing those it know are genuine; that doesn’t seem a good answer?.. or is it simply undoable, in which case is there a FAQ that we can know about to point that out?