The main site is located here: molly.im
The first paragraphs on the donation page:
The goal is to build a secure messaging app with integrated support for Monero payments and a decentralized backend.
The application will be based on the Signal fork Molly.im (henceforth ‘Molly’) but with a privacy-focused backend that allows the user to sign up anonymously (without phone number), encrypt their local database with passphrase encryption, RAM shredding, and more.
Monero features will include the ability to set up a XMR wallet, send and receive funds, keep track of the balance, and review the history.
Why should I want a wallet inside the code of a secure messanger?
Keep it simple and save. One tool for one job.
We have seen what some imported/used libraries may open holes in the software. (Hint: Log4j)
From the lead developer: Code that doesn’t get executed cannot be exploited. It’s true that, when exploiting a vulnerability (in reachable code), you can take advantage of everything loaded into the program memory to take control of the execution, including unreachable code. But you’re assuming there’s a prior critical vulnerability in Molly that allows to alter execution flow in the first place
Another comment from them: Also consider that Whatsapp and iMessage were exploited by flaws in the multimedia libraries. Should we remove image and video sharing in messaging apps?