Fran is “logged in” with his npub. ZS then checks his follows list against who follows app X npub. There is some WOT score. ZS surfaces people at the top of the list with the highest WOT score.
Discussion
so it’s based on people following an npub of an account associated with the download? does it require the binary is signed by the corresponding nsec?
would be nice if there were a stronger endorsement scheme representing something like “i’ve downloaded and endorse this binary”
Just to clarify, my demo is very PoC. The longer term vision for zap.store is all devs signing binaries with their own keys.
Fully agree with stronger endorsements. We currently base WoT on contact lists because it's the best we've got - but actively thinking and experimenting with ways of expressing stronger signal
love it!
is zap.store signing a kind of interim step to establish trust until developers are setup to sign their own binaries?
💯
even nicer to see avatars. not available in the CLI PoC
Wait until you can see, and have the option to choose from nostr:npub1dergggklka99wwrs92yz8wdjs952h2ux2ha2ed598ngwu9w7a6fsh9xzpc ‘s curated list
nostr:npub18lzls4f6h46n43revlzvg6x06z8geww7uudhncfdttdtypduqnfsagugm3 check it
we’ve talked Web-of-trust before, but never seen a PoC in the wild
this is a revolution