How does Obtainium handle package/apk verification?
This is your periodic reminder to install Amethyst (and all other Nostr clients) through Obtainium instead of Google's PlayStore.
You not only receive faster updates (the PlayStore is currently 4 versions behind) but you also start the process of freeing yourself from your invisible digital overlords.
Just follow this video: https://cdn.satellite.earth/2bd7e308c1797d64fca09b1d61e9bde24c68dd45e501c7383eff1e85392df11f.mp4
Discussion
It doesn't. They are adding a way to check for hashes against a "trusted database", but afaik not live yet
Keep in mind that this is only needed for first installs
It doesn't but if you are provided a malicious update to an already installed app android handles the verification and will prevent the installation of the update if it was not signed by the developer.
The first installation is only time you usually risk a mitm attack