Thread - Nostr Hypermedia

yeah but the reality is that it doesn't say that for the app, it just says that for the signer… so if the app was originally from some obscure key, and some influencoor publishes another copy, it will tell the copy is the real one no? I guess we're not at that point and simple deductions like this works for 99.9% of the cases

↑ Parent

Replies (2)

jb55 _@jb55.com 3 months ago

yeah that's pretty bad. think I'm going to not publish to zapstore at this time until this is fixed.

2 replies ↓

Pip the WoT guy pip@vertexlab.io 3 months ago

this influencer would put his reputation on the line. If he/she misbehaves, that's on public display. Zapstore for example publishes apps on behalf of others, and that's perfectly fine if you trust zapstore.