Mylar assumes that an application has a web server that holds some app-specific server code and all the app's data. In that sense it's not really aimed at decentralized applications -- though the property that only clients (not the server) can read the data is very attractive. Could some of Mylar's ideas be used by decentralized applications, i.e. if there's no dedicated server at all, and user data is stored in the cloud on servers that have no application-specific aspect?
For example, what are the prospects for getting equality lookups on encrypted fields of data owned by other users?
Mylar pays considerable attention to the possibility that the authentication service might lie about the public keys associated with user IDs. Is this a problem in the other authentication systems we've looked at, such as Blockstack or Keybase?
In a decentralized world, how will users be sure that they are running the correct application javascript code in their browsers, and not corrupt code?