• Dehydrated@lemmy.worldOP
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    10 months ago

    It’s more secure than F-Droid. It’s still in a pretty early stage of development though and currently only offers a handful of apps.

    • App signing key pinning: first-time app installs are verified so you don’t have to TOFU.
    • Signed repository metadata: repository contents are protected against malicious tampering.
    • Automatic, unattended, unprivileged updates (Android 12+): updates are handled seamlessly without relying on privileged OS integration.
    • First-class support for split APKs: downloaded APKs are optimized for your device to save bandwidth.
    • No remote APK signing: developers are in full control of their app signing keys.