Isn't that dangerous, that you or any developer could install a backdoor via nostr? (if your repo is compromised)
its dangerous if my key leaks yeah. it might be better to source the release pubkey from a server, but then you have to worry about the server getting compromised
I still think it's less risky then what we saw on zapstore where people were posting malware versions of apps
I still think it's less risky then what we saw on zapstore where people were posting malware versions of apps
1