The twentieth century gave us the peculiar institution of the checkpoint. Whether at national borders, factory gates, or building lobbies, the checkpoint performs a simple function: it separates those with papers from those without. The twenty-first century digitized this arrangement and called it the App Store.
When Apple launched the App Store in 2008, it promised a curated garden where users could download software without fear. The implicit trade was straightforward: developers would submit to identity verification, code review, and revenue sharing, and in exchange, they would gain access to hundreds of millions of customers. Google followed with the Play Store. Between them, these two corporations now control approximately 95% of mobile software distribution outside of China.
The security theater worked well enough to become invisible. Most users today cannot imagine installing software any other way. They have forgotten, if they ever knew, that for the first three decades of personal computing, people simply downloaded programs from wherever they found them. The developer's reputation was the only verification that mattered. Somehow civilization survived.
The Papers, Please
To publish an app on Apple's store, a developer must provide a government-issued photo ID, a legal name that will be publicly displayed, a verifiable phone number, and in many cases a D-U-N-S number linking them to a registered business entity. Google's requirements are slightly less onerous but follow the same pattern. Both platforms require payment through the traditional banking system.
This arrangement excludes billions of people from participating in the software economy, not as users but as creators. The unbanked cannot publish apps. Those without government papers cannot publish apps. Those living under regimes where certain kinds of software are criminalized cannot safely publish apps, because their identity is permanently linked to their work.
Consider what this means in practice. A developer in Russia who wishes to publish a VPN app must attach their legal name and identity documents to that release. As of June 2025, Russian authorities have demanded and received the removal of 113 VPN applications from Apple's App Store. The developers of these apps are now known to the Russian state. Their crime was writing software that helps people read forbidden websites.
Apple complied with these demands while simultaneously claiming commitment to human rights. The company removed independent media apps, BBC podcasts, and Radio Free Europe, all at the request of Roskomnadzor, Russia's internet censor. When confronted, Apple explained that failure to comply could mean losing the ability to operate in Russia entirely. This is true. It is also an admission that the App Store model transforms Apple into an enforcement arm of any government willing to make demands.
The False Promise of Centralized Review
The security argument for centralized app stores collapses upon examination. In 2021, a fake Trezor app appeared on the Apple App Store. Trezor makes hardware wallets for storing cryptocurrency. The fake app looked identical to the real thing: same name, same logo, same colors. Apple's review team approved it. The app remained available for nearly two weeks, during which it stole approximately $1.6 million from users who trusted that Apple's walled garden was safe.
The fake app passed review through a simple bait-and-switch. It presented itself as a "cryptography" app for encrypting files and transformed after approval into a cryptocurrency wallet. Apple had no mechanism to detect this change. The company relies on users to report fraud after they have already been victimized.
This pattern repeats across both platforms. Malicious apps slip through automated and human review. Legitimate apps get banned without explanation. The Coinbase app was removed from Apple's store for an entire year in 2013. Damus, a Nostr client, was threatened with removal because its zap feature let users send Bitcoin tips to each other, bypassing Apple's 30% cut. In August 2025, Google briefly threatened to remove all non-custodial cryptocurrency wallets from the Play Store, reversing course only after intense backlash. The message was clear: access to users can be revoked at any moment, for any reason, with no appeal.
The Satoshi Standard
The most consequential software release of the twenty-first century was published by someone who never provided a government ID, never registered a business, and never revealed their name. Satoshi Nakamoto developed Bitcoin over approximately 25 months, communicated exclusively through pseudonymous channels, and disappeared in 2011 without ever being identified.
The Bitcoin network now secures hundreds of billions of dollars in value. Its code has been scrutinized by thousands of developers. It operates continuously across the globe without any central point of failure. None of this required Satoshi to prove their legal identity to a corporation in Cupertino.
Imagine if the App Store model had existed for software distribution in 2008. Satoshi would have needed to provide a passport, link a bank account, and agree to terms of service that included the right of Apple or Google to remove Bitcoin at any time. The software that enabled permissionless money would have required permission to exist.
The Alternatives That Almost Work
Before Zapstore, developers seeking escape from the App Store duopoly had limited options, each with significant compromises.
F-Droid is the oldest and most respected alternative for Android. It hosts only free and open-source software, which is admirable, but its architecture introduces a fatal flaw: F-Droid builds apps from source and signs them with its own keys. You are not trusting the original developer. You are trusting F-Droid. Every update requires trusting them again. They become a single point of failure, a trusted third party in a system that was supposed to eliminate trusted third parties.
Obtainium takes a different approach, fetching APKs directly from developers' GitHub releases. This removes one layer of trust, but Obtainium lacks signature verification. You trust that GitHub has not been compromised, that the developer's account has not been hijacked, and that the binary corresponds to the source code. These are reasonable assumptions most of the time, but they are still assumptions rather than cryptographic guarantees.
Both systems represent improvements over the Play Store monopoly. Neither solves the fundamental problem: establishing trust in a developer without requiring a central authority to vouch for them.
Zapstore: It Just Works
We have tried to publish software through the official channels. The experience is deliberately hostile. Apple requires a $99 annual fee, government ID verification, and a review process that can reject apps for arbitrary reasons with no meaningful appeal. Google's Play Store is marginally less painful but still demands identity documents and bank accounts. The process exists to filter out the uncommitted and the undocumented, which sounds like a feature until you realize it also filters out dissidents, the unbanked, and anyone who values privacy.
Zapstore was the first app store where publishing just worked. No account creation. No identity verification. No review process. No waiting. We signed our release with a Nostr key and published it to the relay network. That was it. Users who follow us or who trust people who follow us can find our app and verify that we signed it. The entire interaction took minutes, not weeks.
The technical architecture is elegant. When a developer publishes a release, they create a signed Nostr event containing app metadata, version information, and a hash of the binary. This release event points to the actual package, which can be hosted anywhere. Users downloading the app verify that the signature matches the developer's public key and that the package hash matches what was signed. No corporation in the middle. No government paperwork. Just cryptography.
What makes Zapstore genuinely social is the app event system. Users can publish recommendations for apps they use and trust. These recommendations propagate through your social graph. If three people you follow all recommend the same Bitcoin wallet, that signal is far more meaningful than a thousand five-star reviews from strangers on the Play Store. The web of trust replaces the walled garden.
The Unbanked Developer
Beyond identity requirements, existing app stores demand participation in the traditional financial system. Apple and Google take 15 to 30 percent of all sales. Developers must receive payment through bank accounts in supported countries.
This excludes an enormous portion of humanity. Over a billion adults globally remain unbanked. They cannot publish paid apps. The software economy is closed to them by design.
Zapstore enables payment through Bitcoin's Lightning Network. Developers can receive tips and payments directly from users without any intermediary taking a cut. No bank account required. No identity verification required. No geographic restrictions. In countries with capital controls or governments that freeze dissident bank accounts, the ability to receive payment pseudonymously can be the difference between financial independence and destitution.
The Road Ahead
The objection will be raised that permissionless app distribution enables malware. This is true. It also enables privacy tools in Russia, financial applications in countries with broken banking systems, and innovations that incumbent platforms would prefer to suppress. The question is not whether a system can be abused, but what trade-offs we are willing to accept.
Centralized app stores promised safety in exchange for control. They delivered control but not safety. Fake apps still proliferate. Scams still cost users millions. Meanwhile, the infrastructure of control has been weaponized by authoritarian governments to silence journalists, block privacy tools, and create permanent records linking developers to software that might someday become illegal.
The ability to publish code without permission is not a fringe concern for criminals. It is the foundation of digital freedom. Any system that requires government papers to publish software will eventually be used to suppress software that governments dislike.
The checkpoint was always the point.