You can share jellyfin over the net.
The security issues that tend to be quoted are less important than some people claim them to be.
For instance the unauthorized streaming bug, often quoted as one of the worst jellyfin security issues, in order to work the attacker need to know the exact id of the item they want to stream, which is virtually impossible unless they are or have been an authorized client at some point.
Just set it up with the typical bruteforce protections and you’ll be fine.
So… Are there any cryptocurrencies that the owners hold in mass and are trying to get profit by selling them to users in a “pay to win” system?
Last time I checked bot IPFS and plebbit had those… Which is why I steered away from those projects.