All glory to empanda maxi nostr:npub1wf4pufsucer5va8g9p0rj5dnhvfeh6d8w0g6eayaep5dhps6rsgs43dgh9
Discussion
How are the names of the WoT people selected? People I follow who have also used zapstore to download?
Fran is “logged in” with his npub. ZS then checks his follows list against who follows app X npub. There is some WOT score. ZS surfaces people at the top of the list with the highest WOT score.
so it’s based on people following an npub of an account associated with the download? does it require the binary is signed by the corresponding nsec?
would be nice if there were a stronger endorsement scheme representing something like “i’ve downloaded and endorse this binary”
Just to clarify, my demo is very PoC. The longer term vision for zap.store is all devs signing binaries with their own keys.
Fully agree with stronger endorsements. We currently base WoT on contact lists because it's the best we've got - but actively thinking and experimenting with ways of expressing stronger signal
love it!
is zap.store signing a kind of interim step to establish trust until developers are setup to sign their own binaries?
💯
even nicer to see avatars. not available in the CLI PoC
Wait until you can see, and have the option to choose from nostr:npub1dergggklka99wwrs92yz8wdjs952h2ux2ha2ed598ngwu9w7a6fsh9xzpc ‘s curated list
nostr:npub18lzls4f6h46n43revlzvg6x06z8geww7uudhncfdttdtypduqnfsagugm3 check it
we’ve talked Web-of-trust before, but never seen a PoC in the wild
this is a revolution