Description

"The user joins the community, and the community does a lot of the
heavy lifting."

href="https://njump.to/npub1wf4pufsucer5va8g9p0rj5dnhvfeh6d8w0g6eayaep5dhps6rsgs43dgh9">Franzap
& href="https://njump.to/npub1dergggklka99wwrs92yz8wdjs952h2ux2ha2ed598ngwu9w7a6fsh9xzpc">Gigi
take a walk in Oslo.

href="https://sovereignengineering.io/podcast/26-zapstore-w-franzap">Listen
on sovereignengineering.io

In this dialogue:

• How Zapstore grew out of the first Sovereign Engineering cohort in
  Madeira, earlier experiments like href="https://github.com/franzaps/zapthreads">ZapThreads, and
  Franzap's frustration with closed mobile app stores
• Why Ninite, app stacks, and
  curated discovery mattered as much as the raw "permissionless app store"
  idea
• What it means to run Zapstore as a real marketplace: breaking the
  chicken-and-egg problem by pre-populating supply, signing apps under the
  Zapstore key, and gradually moving developers toward
  self-publishing
• Web-of-trust computation, trust providers, and why app distribution
  raises the stakes far beyond regular social posting
• Franzap's "credible exit" framing: sometimes you dial down
  decentralization to improve UX, as long as users can still verify,
  leave, and choose another community
• ZSP, the Zapstore
  publisher CLI, and how agents can already build and publish Android apps
  without the developer even owning an Android phone
• Device keys, encrypted preferences, onboarding trade-offs, and why
  social features, comments, and zaps are a different problem from simply
  installing an app
• Why app lists are a privacy leak, how update infrastructure can turn
  into a honeypot, and what it means to distribute software without
  building a profiling machine
• The operational pain behind a living app catalog: pre-releases, key
  rotations, migrations, certificate mismatches, and endless edge
  cases
• Google's tightening sideloading and KYC rules, Apple's
  developer-account maze, and why every new permissioned hurdle makes the
  permissionless route more compelling
• Why Zapstore may matter most for people at the edges: controversial
  apps, developers outside the usual payment rails, and users who cannot
  or will not pass through the official gates
• What's next: default communities, reviews, malware checks, privacy
  analysis, reproducibility, and smoother handoffs from indexed apps to
  self-published releases

People mentioned:

• href="https://njump.to/npub180cvv07tjdrrgpa0j7j7tmnyl2yr6yr7l8j4s3evf6u64th6gkwsyjh6w6">fiatjaf
  (built an earlier Nostr-native commenting system that influenced
  ZapThreads)
• American HODL / Viper (example of agent-built, agent-published
  Android apps)
• DHH and PewDiePie (part of the closing Linux detour)

Projects & tech mentioned:

• Zapstore
• ZapThreads
• ZSP (Zapstore
  publisher CLI)
• Nostr
• GrapheneOS
• OpenSats
• Ninite
• href="https://zapstore.dev/apps/org.fossify.voicerecorder">Fossify Voice
  Recorder
• Phoenix Wallet

Recorded at href="https://mempool.space/block/951851">951,851.