The store is pretty dope, so far. I was happy to see a good mix of apps I already use and new ones to explore.

This may be a noob question:

I see that the apps in the store publish the SHA-256 hash for their files. But, using the store, I can't figure out how to check the hash with something like Deadhash before install, as it just goes straight to install. Is there a way to download only or check the hash before install?

Thanks!


Discussion

That is not a noob question - that is an excellent suggestion!

Short answer: #induecourse

You will be able to perform hash verification, and report this to the nostr network.

In turn, you will be able to see who from your WOT has verified a particular app’s hash.

https://github.com/zapstore/zapstore/issues/101

cc nostr:npub1wf4pufsucer5va8g9p0rj5dnhvfeh6d8w0g6eayaep5dhps6rsgs43dgh9

Awesome! Glad to hear.

nostr:npub1r62uqpe3pmnaxdrmyr98zs24xt9g363pe93h3rpp24s2c7srkc5spq8emd how do you feel about submitting to nostr network that you performed the hash verification?

I think that would be a great feature.

It's a bit of a double-edged sword. On one side, it is promoting checking hashes and probably exposing people to that capability. On the other, web of trust betrays the zero-trust ethos, though it's probably the next best thing.

There's a pretty strong tech community on NOSTR that is well known and highly engaged. So, WoT seems like a viable strategy. How that works as NOSTR scales and the tech community becomes less dominant, I don't know.

I think the positives outweigh the potential negatives, though.

Cool stuff; keep it up guys!

zap.store takes care of checking the hash; it will show a "Hash mismatch" error otherwise and immediately delete the file.

That's awesome! Be cool if it showed a hash confirmation, as well, on the positive side. Definitely value added for me.

Thanks for answering my questions 🤙
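
The behaviour discussed in this thread (an error and file deletion on a hash mismatch, plus a confirmation on a match), as an added example that is not zap.store's code or part of the thread. The function names and the temporary file standing in for a downloaded package are assumptions.

```python
import hashlib
import hmac
import os
import tempfile


class HashMismatch(Exception):
    """Raised when a downloaded file does not match its published SHA-256."""


def sha256_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so large packages are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_or_delete(path, published_hex):
    """Return a confirmation string on match; delete the file and raise otherwise."""
    expected = published_hex.strip().lower()
    if len(expected) != 64 or any(c not in "0123456789abcdef" for c in expected):
        raise ValueError("published value is not a SHA-256 hex digest")
    actual = sha256_file(path)
    if not hmac.compare_digest(actual, expected):
        os.remove(path)  # a package that failed verification is not kept on disk
        raise HashMismatch(f"Hash mismatch: expected {expected}, got {actual}")
    return f"Hash verified: {actual}"


def demo():
    """Constructed sample: a temp file stands in for a downloaded package."""
    payload = b"constructed sample package bytes"
    with tempfile.NamedTemporaryFile(delete=False, suffix=".apk") as fh:
        fh.write(payload)
        path = fh.name
    published = hashlib.sha256(payload).hexdigest()
    ok = verify_or_delete(path, published.upper())  # published case does not matter
    with open(path, "ab") as fh:
        fh.write(b"\x00")  # simulate a modified download
    try:
        verify_or_delete(path, published)
        deleted = False
    except HashMismatch:
        deleted = not os.path.exists(path)
    return ok, deleted


if __name__ == "__main__":
    print(demo())
```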