Since reading up on a bunch of ways to use Home Assistant and MQTT, I have found out that a lot of people buy the cheap WiFi light switches that come with the Tuya firmware, then re-flash them with some other firmware to make the switch work locally via MQTT without it having to go poll the Net.
I think that is pretty neat, but only on paper. Granted, it works locally and doesn't spy on you; however, it's insecure, and anyone can access it if they have access to the network, or even brute force into the network with that insecure device. I think the Tuya firmware isn't too secure either, but at least they try, and they can push an update in the background to fix any holes in the code and security. With the open-source firmware replacement, you would have to check every now and then whether there is an update, and when you update it you could brick it.
Once again, and I know I sound like a broken record, but you want to use IoT devices on their own network. Since the open-source firmware lets you use the devices locally, you can easily have an offline network, with a PC or Raspberry Pi acting as the tunnel: have the Raspberry Pi use its WiFi to control the IoT stuff and its Ethernet to connect to your home network, while keeping the two networks detached. Have the SSID of the offline LAN hidden and password protected, and possibly use a MAC address whitelist.
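
To check that the two networks really stay detached on the Pi, here is an added example (not from the original post) that audits whether the kernel can route IPv4 packets between the two interfaces. It assumes the IoT WiFi is `wlan0` and the home Ethernet is `eth0`, and takes as input the contents of `/proc/sys/net/ipv4/ip_forward` and the output of `iptables -S FORWARD`; the sample inputs are constructed.

```python
import shlex

def _opt(tok, flag):
    """Value following flag in a tokenised rule, or None when absent."""
    return tok[tok.index(flag) + 1] if flag in tok[:-1] else None

def _bridges(i, o, a, b):
    # An omitted -i/-o matches every interface, so None counts as a match.
    return any(i in (None, x) and o in (None, y) for x, y in ((a, b), (b, a)))

def audit_isolation(ip_forward, forward_rules, iot_if="wlan0", lan_if="eth0"):
    """Return findings; an empty list means IPv4 packets cannot be routed
    between the IoT and home interfaces.

    ip_forward    -- contents of /proc/sys/net/ipv4/ip_forward
    forward_rules -- output of `iptables -S FORWARD`
    Limitations: IPv4 only, and negated matches ("! -i ...") are not parsed.
    """
    if ip_forward.strip() != "1":
        return []  # the kernel does not route between interfaces at all
    findings, policy = [], "ACCEPT"  # ACCEPT is the kernel default policy
    for line in forward_rules.splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-P", "FORWARD"] and len(tok) > 2:
            policy = tok[2]
        elif tok[:2] == ["-A", "FORWARD"] and _opt(tok, "-j") == "ACCEPT":
            if _bridges(_opt(tok, "-i"), _opt(tok, "-o"), iot_if, lan_if):
                findings.append("ACCEPT rule covers both networks: " + line.strip())
    if policy == "ACCEPT":
        findings.append("ip_forward=1 and FORWARD policy is ACCEPT")
    return findings

# Constructed sample inputs (interface names are assumptions).
DETACHED = ("0\n", "-P FORWARD ACCEPT\n")
LEAKY = ("1\n", "-P FORWARD DROP\n-A FORWARD -i wlan0 -o eth0 -j ACCEPT\n")

if __name__ == "__main__":
    for name, sample in (("detached", DETACHED), ("leaky", LEAKY)):
        print(name, audit_isolation(*sample) or "ok")
```

An empty result only covers routing; services on the Pi that listen on both interfaces still need their own check.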