Replying to Avatar ABH3PO

Zapstore is the ONLY app store that does signed builds which means you can verify the code of the apps your phone is running, not to say the other stores are bad choices per say, but at least now there is a clear distinction between a good way to do things and something that's clearly a security hole.
4a
Seoclaid12 9mo ago

Zapstore is cool but is your npub still tied to your app list and known to Zapstore and the public? I like Zapstore but that may be a concern for some threat models to have installed apps known.

Also, I've been watching for more apps on Zapstore to be signed by devs themselves rather than Zapstore. Some are, most aren't. Should improve.

Reply to this note

Please Login to reply.

Discussion

Avatar
ABH3PO 9mo ago

You don't have to login to zapstore, you decide whatever info you want to make public

Avatar
ABH3PO 9mo ago

Also it's good even if it's signed by zapstore since it at least makes it reproducible, even if not by dev signatures themselves