Someone could push a malicious update with a naive app too.
We do have plans to mitigate this. You can always self host it (we're partnering with some providers for a one click deploy). Also we want to do some stuff where it'll only update the wasm binary if it is signed by us.
benthecarman / Carman
npub1u8…6turz
2023-05-27 08:06:52
in reply to nevent1q…ewpf
Author Public Key
npub1u8lnhlw5usp3t9vmpz60ejpyt649z33hu82wc2hpv6m5xdqmuxhs46turzPublished at
2023-05-27 08:06:52Event JSON
{
"id": "0fa635ea2fe200079d081060d9487727e23599a0b8a4896e3e4d7dc56ec1e2fb",
"pubkey": "e1ff3bfdd4e40315959b08b4fcc8245eaa514637e1d4ec2ae166b743341be1af",
"created_at": 1685174812,
"kind": 1,
"tags": [
[
"e",
"0a1da47f9722dd606cdbc0f6b11d01d74639c1acb1306fb960437b379fa5d609"
],
[
"p",
"5be6446aa8a31c11b3b453bf8dafc9b346ff328d1fa11a0fa02a1e6461f6a9b1"
],
[
"p",
"df173277182f3155d37b330211ba1de4a81500c02d195e964f91be774ec96708"
],
[
"p",
"a60e79e0edad5100d7543b669e513dbc1c2170e8e9b74fdb8e971afd1e0e6813"
]
],
"content": "Someone could push a malicious update with a naive app too. \n\nWe do have plans to mitigate this. You can always self host it (we're partnering with some providers for a one click deploy). Also we want to do some stuff where it'll only update the wasm binary if it is signed by us.",
"sig": "f7c395f6d92e80ac64c7bdea9a1701d7dabdb8b2c18a3a8e245b2b1058fca6db185f173921a7f7d35b1b424041ee33f983638d97401db00fc1286349c927e351"
}