Concept Note

A great number of mobile apps have been developed to assist users in high-risk scenarios, but little has been done to address the issues facing distribution of the apps themselves. Google Play is blocked in many countries, and app stores like iTunes often censor to comply with regional law, whether just or not. Regional app stores are often cesspools of malware. In many countries, people exchange apps through web forums, email, bluetooth, SD Card, or any other method they can figure out, whether safe or not. Effective techniques for circumventing censorship exist, such as accessing services via proxies or mirroring content on cloud services. These techniques work in many places, none work in all, and most organizations are not able to take advantage of them all. This current state requires users, trainers, developers, and organizations to be aware of many pieces in order to effectively distribute mobile apps.

In the first round of Bazaar, we focused on empowering the user by creating decentralized and peer-to-peer techniques for sharing apps between devices. The next step is to focus on the app developers and organizations by providing tools to secure their entire app release process and to publish their apps into this decentralized system. The developer experience will be a simple set of commands that automate the entire distribution workflow: making highly secure, reproducible builds then getting them out through all channels possible. Organizations that make curated collections of apps will have tools to verify that those apps match the original source. Once configuration is complete, there are only three commands for regular use: `fdroid publish` makes new releases, `fdroid update` updates the app repository, and `fdroid server update` pushes everything to the public. The user gets a familiar app store experience, regardless of the complexity behind their successful connectivity.

Beyond the Guardian Project's use of these methods (, this matches real world needs expressed by our colleagues. Psiphon already contributed support for Amazon S3 to automate their own process. Benetech needs highly targeted app collections to deploy their Martus system, and these distribution channels must be secret and secure. StoryMaker is pushing for distribution of their app, along with supporting third-party apps, to a highly censored context. They all need a well-defined, audited process, toolkit and user experience for ensuring their users can safely access and update these apps, regardless of the pitfalls and roadblocks along the way.

The funding we seek is to focus our existing team on this end-to-end problem, with the work spanning further development of the fdroid toolchain, release workflow design and auditing, usability improvements, and training content development. The work will be done in partnership with F-Droid Limited, an English non-profit organization funded by direct donations, and we include support for their efforts through this funding. Over the past 18 months, we have built a solid working relationship with that team, and they have taken on these goals of security and decentralization as part of their mission.
For technical details:

This is the concept for the second phase of Bazaar. For the first phase, see Core Concept