The GUI comes with a standalone installer for Windows and a MacOS installer coming soon, and will be configured to run in light mode by default, meaning that users will no longer have to run a local instance of bitcoin/counterparty clients or download the blockchain to get started.
Global consensus is fragile, so I'm wondering: what is the security model behind this? How could I know whether the data provider for the light mode is honest?
You can parse client-side the transaction that the server (with access to the Bitcoin UTXO pool) tells you to sign. Make 100% certain that it sends the right funds to the right place, e.g.
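
The check described in the reply above, as an added example that is not part of the original thread or of Counterparty's code: parse the unsigned raw transaction locally and refuse to sign unless every output is an expected payment, your own change, or zero-value OP_RETURN data. The function names, script hashes, amounts and sample transaction are constructed for illustration.

```python
def read_varint(b, i):
    """Decode a Bitcoin CompactSize integer at offset i; return (value, next offset)."""
    n = b[i]
    if n < 0xfd:
        return n, i + 1
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}[n]
    return int.from_bytes(b[i + 1:i + 1 + size], "little"), i + 1 + size

def parse_outputs(raw_hex):
    """Return [(value_in_satoshis, script_pubkey)] for every output of a raw tx."""
    b = bytes.fromhex(raw_hex)
    i = 4                                    # skip 4-byte version
    if b[i:i + 2] == b"\x00\x01":            # segwit marker and flag, if present
        i += 2
    n_in, i = read_varint(b, i)
    for _ in range(n_in):
        i += 36                              # previous txid (32) + output index (4)
        slen, i = read_varint(b, i)
        i += slen + 4                        # scriptSig + sequence
    n_out, i = read_varint(b, i)
    outs = []
    for _ in range(n_out):
        value = int.from_bytes(b[i:i + 8], "little")
        slen, i = read_varint(b, i + 8)
        if i + slen > len(b):
            raise ValueError("truncated transaction")
        outs.append((value, b[i:i + slen]))
        i += slen
    return outs

def verify_outputs(raw_hex, payments, own_scripts):
    """Fail closed on any output we did not ask for; return satoshis paid to others."""
    sent = 0
    for value, script in parse_outputs(raw_hex):
        if script in own_scripts or (script[:1] == b"\x6a" and value == 0):
            continue                         # our change, or zero-value OP_RETURN data
        if value > payments.get(script, -1): # unknown destination or too much value
            raise ValueError(f"unexpected output: {value} sat to {script.hex()}")
        sent += value
    return sent

# Constructed sample: one input, a payment, a data output and a change output.
def _out(value, script):
    return value.to_bytes(8, "little").hex() + f"{len(script):02x}" + script.hex()
DEST = bytes.fromhex("76a914" + "11" * 20 + "88ac")      # constructed P2PKH script
CHANGE = bytes.fromhex("76a914" + "22" * 20 + "88ac")    # constructed P2PKH script
SAMPLE = ("01000000" + "01" + "aa" * 32 + "00000000" + "00" + "ffffffff" + "03"
          + _out(5430, DEST) + _out(0, bytes.fromhex("6a0400112233"))
          + _out(100000, CHANGE) + "00000000")
```

Input amounts are not part of the transaction itself, so the fee has to be checked separately against the UTXOs being spent. This example inspects only the Bitcoin-level outputs and does not decode the Counterparty message carried in the data output.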