franzap's avatar
franzap fran@zapstore.dev 1 year ago
This product is using NIP-94 (and another NIP coming up soon) for the distribution and verification of artifacts Android enforces TOFU and pinning at the OS level (APK are signed), PWAs have none of this. Installing them via zap.store can emulate these features (same signature for updates, prevent downgrading)
โ†‘ Parent

Replies (2)

Leo Wandersleb's avatar
Leo Wandersleb leo@nostr.info 1 year ago
TOFU ๐Ÿ˜ I was not familiar with "trust on first use" being called that. I'm very excited about app distribution via nostr. This might be the killer app but then again, the social graph might on its own be the killer feature many tiny baby killer apps build on. Lets make the App Store obsolete! (followed)
Leo Wandersleb's avatar
Leo Wandersleb leo@nostr.info 1 year ago
I did not get involved when drafting BIP94 but now I wonder why URL is not optional when it might be used for torrents and why there is no filename. The fallback is also not well specked. Is fallback allowed to occur multiple times or may it be `[fallback, fallback1, fallback2, ...]`
โ†‘