Oddbean new post about | logout
 solving fake apps in app stores

automatic signature and provenance verification over nostr

cc @NVK @ODELL 

#SOVENG
https://m.primal.net/HbiR.jpg 
 discovering and installing a nostr app from another nostr app

the protocol IS the app store

play this out: NOSTR FIXES DISCOVERABILITY
https://m.primal.net/HbiT.jpg 
 👀🔭 
 https://image.nostr.build/d36017556cc08acb2188f0dade362da89eeb443579e96e1785ae9cd21261895c.jpg 
 I will still never understand IOS nostr users... 
 How is this related to iOS?? 🤔 
 My bad I only saw the meme and thought this was related to the apple store bs 
 😅😅😅😂 it happens 
 u gotta fight them in their turf.
apple sucks, but it has a fuck ton of users 
 Yeah, sad truth  
 Nice 
 This could be huge for verified and signed PWAs. 

nostr:note1hjv5s9syrvd3hvpu9agrzys2d82zldsu5xlqjulymkeejr5v0lqswwzy5n  
 👀👀 
 Details, please! Is this PWA distribution via nostr events? Or is the PWA signature on nostr? What is signed there? I'm very eager to learn for WalletScrutiny where I had PWAs kind of dismissed as impossible to get secure against hacked servers for example. 
 On Google phones, the OS won't let you down-grade apps or upgrade them to a version that's signed by a different key. I want this for PWAs. Of course, as admin I want to be able to override it but it would be great to have such a lock-in that no random hacker on a webserver could circumvent. 
 This product is using NIP-94 (and another NIP coming up soon) for the distribution and verification of artifacts

Android enforces TOFU and pinning at the OS level (APK are signed), PWAs have none of this. Installing them via zap.store can emulate these features (same signature for updates, prevent downgrading)

 
 TOFU 😁 I was not familiar with "trust on first use" being called that.

I'm very excited about app distribution via nostr. This might be the killer app but then again, the social graph might on its own be the killer feature many tiny baby killer apps build on. Lets make the App Store obsolete!

(followed) 
 I did not get involved when drafting BIP94 but now I wonder why URL is not optional when it might be used for torrents and why there is no filename. The fallback is also not well specked. Is fallback allowed to occur multiple times or may it be `[fallback, fallback1, fallback2, ...]` 
 This is that thing you guys just talked about on Bitcoin dot Review,  isn't it? 
 Yes, Pablo mentioned it 
 👀 
 @franzap demo?  
 Yessir! Sorry it looks like shit 😆  until I apply your knowledge 
 No stress sir, make it work first 💪 
 I'd pay to listen in on demo day at this point 👀👀👀 
 I volunteer to be janitor 
 DUDE 🤯 
Nostr is one of those technologies where every time I see it applied to other stuff, the application is both mind boggling and so obvious.  Amazing. 
 This introduces interesting attack vectors that will need to be mitigated. 
E.g. When a person gets hacked, then that could introduce many "scam" apps to people that followed the person. 
 🏈 
 You can mitigate this with external code verifiers: 
- that get payed to do that 👉  Verifiers DVM's
- that pay to do that 👉  early beta access

(and then of course we need key rotation asap for way more reasons than just this) 
 Yeah, key rotation is a big missing piece currently  
 The framework that I like to think in is "desirables vs undesirables":

- If the user action is desirable, the user should be rewarded sats.
- If the users gets value from the content, they should be nudged to voluntarily pay sats for it.
- If the action is undesirable it should cost sats. 
 “trust” is delegated from the AppStore bureaucrats who let scam bitcoin wallets in anyway, to your WOT. 

Would you expect all of your WOT to get hacked at the same time @nout ? 
 I'm assuming that not all people in your web of trust need to verify the app. So there will be some threshold. E.g. "at least 3 people in your WOT with score over 5 verified app ABC". And then yeah, 2 people could be hacked, especially over longer term. There are definitely ways to mitigate these issues... 
 Would Multi sig fix this? 
 Maybe? Are you thinking that when a new person verifies the app, the verification has to get interactively signed (with multisig) by other people? Or are you thinking co-signing with the store or some verification system paid for co-verifying? 
 With the likelihood of multiple secret key being compromised, a release has to get X number of signatures before considered verified by clients and thus downloadable.

Whether the signatures are independent or m-of-n multi-sig is something to explore.

In the case of paying for co-verifying I think it will have the wrong incentives if an invalid verification isn’t penalized somehow and the affected users reimbursed? 
 Even if someone you trust gets compromised in that way the WoT of the scam would be very low. That’s the magic of WoT and how humans already behave 
 Agreed for common apps that many people use, but the issue can happen for new apps with only couple users, right? 
 no, really, WoTs fixes this; an app with only a couple of users will still have a a low WoT score. 
 Could you please explain this to me like I'm completely stupid? 😃

Let's say there are 5 users that already have solid WOT score. Now 2 of them get hacked and hacker installs and "verifies" an AppX. 
Unless the other users get somehow notified of the hack, they will see the AppX as "verified" and may potentially install the app too, no? What would prevent it? Some lower bound limits on how many people are needed to "verify"? 
 I’m surprised something like this hasn’t been done before its genius 👀 
 This will be the case for “reviews” too. Only show people in my network reviews. 
 Very much counting on it 👌 nostr:nevent1qvzqqqqqqypzp22rfmsktmgpk2rtan7zwu00zuzax5maq5dnsu5g3xxvqr2u3pd7qy88wumn8ghj7mn0wvhxcmmv9uq3zamnwvaz7tmwdaehgu3wwa5kuef0qqsgz5n6f2hkn5l7sehw05fh8lqaelyjhc4mleerdknd3wsrpaks7rsl0tzxm 
 Great idea. I just about had my whole stack siphoned last weekend over a fake version of sparrow that was listed as a mobile app. 
 Could you explain more 
 An app on my phone which I intended to use for setting up a watch only wallet for my cold card somehow managed to get at my cold card keys when I sent the QR of my wallet descriptor to it. Dumb move. Definitely a case of just enough knowledge being dangerous. It was able to sign and broadcast a transaction but the transaction couldn’t seem to confirm fully on chain. It was pending for three hours while I scrambled to figure out how to replace-by -fee all the UTXO’s to a temp location. I still don’t understand despite the app (or whomever harvested my keys off it) being able to sign the transaction and broadcast it, the transaction wouldn’t be added to a block even though the estimated time to confirmation came and went a couple of times. At one point the estimated time to confirmation was down to 10 minutes and no bars had filled to indicate that any of the one of six confirmations had occurred. Maybe because I’m always fully air gapped with my setup. I came very close to losing my whole stack. I just about had a heart attack when I looked at the unauthorized transaction and it showed a couple dozen UXO’s funnelling down to one unknown address in a single transaction. Not to mention the friggin heart attack I had moving all of my UXO’s to a temporary address all in one shot, knowing that if I got even one letter incorrect in the receiving address that I was going to lose everything. Then, once the cold cards were wiped and reestablished with new seeds, I had to move everything again. The whole thing freaked me out to the point where I found myself incessantly checking my wallets’ balances all week to make sure that I had indeed isolated the source of the exploit. 

If I had watched this week’s price action play out without my stack in my possession I would’ve jumped off the roof headfirst. Lol. 
 i didn't understand 
 nostr:nevent1qqstex2gzczpkxcmkq7z75p3zg9xn4p0kcw2r0sfw0jdmvuep6x8lsgpz3mhxue69uhhyetvv9ujuerpd46hxtnfdupzp75cf0tahv5z7plpdeaws7ex52nmnwgtwfr2g3m37r844evqrr6jqvzqqqqqqy8dy2p8 
 Ooooh o_O 
 Nostr + Obtainium? 
 💥