@ETFbitcoin
1. Not really secure. Hacker just need to hack their server rather than trying to make you install malicious software or do something stupid.
CRUXPay is not a centralized system instead it is a decentralized naming service built on top of Blockstack. The CRUX ID is actually mapped with the seed of your wallet and this mapping is stored on Bitcoin Blockchain as a transaction so, noone can temper that mapping, if the seed of wallet is secure.
2. You need to trust them not to perform any malicious attack.
CRUXPay does not own the CRUX ID to address mapping so, this is as secure as bitcoin blockchain. Only the owner of the wallet seed can change the mapping.
3. Cryptocurrency supposed to be as trustless as possible
CRUX protocol is a developed on Blockstack so, the naming is trustless.
I doubt it's as secure as Bitcoin's blockchain, but thanks for the clarification.
Still, it encourage address re-use which is bad for privacy, unless you use private-focused cryptocurrency (e.g. Monero)