Nostr Web Client

Accrescent's catalog is maintained by a respected community member and checks dev signatures on a third-party database on Github. Correct me if I'm wrong.

While zap.store currently is more or less that, we're aiming to change the status quo trust model.

Users will be able to cryptographically verify an artifact came from a developer using nostr. They can do so directly, relying on a web-of-trust check, or indirectly via curators (choose your own walled gardens).

In addition, we're targeting multiple operating systems and other features like relay-based communities, the ability to zap apps and developers, a marketplace for new apps and more.

Zapstore 1y ago

nostr:nevent1qqst8tm7fj4fd4zu7d938ltcqqu7e0h2z0kpsxggfgzjapph5tmhjkcpr4mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmp0qgs83nn04fezvsu89p8xg7axjwye2u67errat3dx2um725fs7qnrqlgrqsqqqqqpkf4tcw

Reply to this note

Please Login to reply.

Discussion

Garlic 1y ago

How can I trust in apps signed by you? How I can verify that's the same signature? Your app not even (yet) has integration with AppVerifier like Accrescent

Zapstore 1y ago

Inspect the source code and build the APK yourself. There is a file integrity hash check and an APK certificate hash check but Android enforces this validation anyway.

For first installs you're choosing to trust AppVerifier and not zap.store, that's okay. I can't change who you trust.

However, developers will start signing apps via nostr events so on zap.store you'll be able to check that with your web of trust (via a service or manually)

Anonymous 1y ago

Accrescent is too sus.

All communication channels are through well-known compromised locations. Your work is beyond all that from the beginning, please do keep the good work and keep the apps offline.

Garlic 1y ago

Why GrapheneOS uses this?

Garlic 1y ago

I have pretty trust on them

Phi 1y ago

Because Accrescent comes from the GrapheneOS Community