Want to revise my earlier comment. It appears that the app does encrypt some of its communications, but with no chain of trust on the Ukrainian root certificate that’s served to people, which basically means the OS certificate trust store has to be ignored to tolerate the API communications, making the communication…

The Blynk API appears to do its communications fully unencrypted, so your auth secret gets sent in plain text across whatever network you’re on. Not exactly something I’d trust my home to, personally.