Nostr Web Client

This is a misconception and conflation of concepts, but it's my fault for not explaining better (although it has been addressed in the latest Zapstore).

Define signing? Indexed apps on Zapstore are simply caching what is on Github -for discoverability which is nil in Obtainium- and signing a Nostr event with that. They are NOT signing the APK. So in this sense it has the exact same level of risk than Obtainium. I would say less, because on Zapstore you can tell what you are about to install, in Obtainium it's not that clear because of lacking metadata.

By default Zapstore will install from the external/original source, and only fall back if it 404'd:

Zapstore 22h ago

@nostr:npub1l6scds4yv7xmcsmhqnhdy9sggm520q09lvts2m5mkvecgr2mmmeqsuj5rc we're working on splitting relays for indexed vs developer-signed apps; implementing relay management UI as we speak.

https://github.com/zapstore/zapstore/issues/205

and soon the ability to hide closed source apps:

https://github.com/zapstore/zapstore/issues/197

Hope that brings you back!

Reply to this note

Please Login to reply.

Discussion

Matt 21h ago

That would definitely make it easier to use it the way I'm trying to. The app is otherwise quite nice. Just a maintenance headache for me right now. I appreciate the update.