Correct, it is fully independent of the app signing key. Maybe we can connect the two somehow. @franzap is the creator there and can help you clarify how it works for other folks. But basically, it is web of trust for listings. Better than KYCing devs, IMO.

Replies (3)

I don't think it would be possible unless the app store pins an npub to a signing key or group of signing keys. Other npubs couldn't then pin the same. I am concerned this approach may be primitive, and I only just thought of it as I saw your reply. Would have to brainstorm. My assumptions on how Zapstore works are exact, then.

We seriously need more online identity layers not reliant on a KYC'd or centralised platform, but they'll always be used because they can be recovered and their login mechanisms are undeniably far more secure. It's a trade-off, but I guess it's worth it in this space. When an npub is pwned, it is pwned for life. No account recoveries, no password resets, nothing... A passphrase derivation for npubs could solve some issues, but a provider would still need to set up their own account system to provide 2FA to prevent a phishing attack. Google SSO may not be so private, but it is extremely secure if your account is... Bunkers or signer apps like Amber may alleviate concerns, but then you're entirely reliant on your device's security.
I'm looking forward to FROST/multisig for Nostr. We might not be there yet but we are going to surpass the security of Google SSO.
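The "pin an npub to a signing key, and nobody else can pin the same" idea from the reply above, worked through as an added example. This is not Zapstore's code or anything the commenters posted: it is a small relay-side registry that accepts a Nostr-style event claiming an APK signing-certificate fingerprint, checks the BIP-340 Schnorr signature over the NIP-01 event id with a from-scratch secp256k1 implementation, and binds the fingerprint to the first npub that claims it. The event kind (30000), the `apk_cert` tag name, the two keys and the certificate fingerprint are all constructed assumptions for the demo; a real deployment would also want the fingerprint cross-checked against the APK's actual signing certificate.

```python
"""Added example (not Zapstore's code): first-come pinning of an APK signing-cert
fingerprint to one npub, verified as a BIP-340 signature over a NIP-01 event id.
Event kind 30000 and the 'apk_cert' tag name are assumptions for this demo."""
import hashlib
import json
import os

# secp256k1 parameters (BIP-340 domain)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
KIND_PIN = 30000  # assumed event kind for a certificate-pin claim

def _add(a, b):  # affine point addition; None is the point at infinity
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    if a == b: lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else: lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def _mul(k, pt):  # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1: acc = _add(acc, pt)
        pt, k = _add(pt, pt), k >> 1
    return acc

def _tagged(tag, *parts):  # BIP-340 tagged hash: sha256(sha256(tag)||sha256(tag)||msg)
    th = hashlib.sha256(tag.encode()).digest()
    return hashlib.sha256(th + th + b"".join(parts)).digest()

def pubkey(sk):  # x-only public key: the 32 raw bytes an npub encodes
    return _mul(int.from_bytes(sk, "big"), G)[0].to_bytes(32, "big")

def sign(sk, msg):  # BIP-340 signing with fresh aux randomness
    d = int.from_bytes(sk, "big"); pt = _mul(d, G); px = pt[0].to_bytes(32, "big")
    if pt[1] & 1: d = N - d  # force even-y public point
    t = (d ^ int.from_bytes(_tagged("BIP0340/aux", os.urandom(32)), "big")).to_bytes(32, "big")
    k = int.from_bytes(_tagged("BIP0340/nonce", t, px, msg), "big") % N
    r = _mul(k, G)
    if r[1] & 1: k = N - k  # force even-y nonce point
    rx = r[0].to_bytes(32, "big")
    e = int.from_bytes(_tagged("BIP0340/challenge", rx, px, msg), "big") % N
    return rx + ((k + e * d) % N).to_bytes(32, "big")

def verify(pk, msg, sig):  # BIP-340 verification against an x-only key
    x, r, s = (int.from_bytes(b, "big") for b in (pk, sig[:32], sig[32:]))
    if len(sig) != 64 or x >= P or r >= P or s >= N: return False
    y2 = (pow(x, 3, P) + 7) % P
    y = pow(y2, (P + 1) // 4, P)
    if y * y % P != y2: return False  # x is not on the curve
    if y & 1: y = P - y  # lift_x picks the even-y point
    e = int.from_bytes(_tagged("BIP0340/challenge", sig[:32], pk, msg), "big") % N
    rr = _add(_mul(s, G), _mul(N - e, (x, y)))  # s*G - e*P must equal R
    return rr is not None and not (rr[1] & 1) and rr[0] == r

def _event_id(pk_hex, created_at, kind, tags, content):  # NIP-01 serialization
    ser = json.dumps([0, pk_hex, created_at, kind, tags, content],
                     separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(ser.encode()).digest()

def make_pin_event(sk, cert_fingerprint, created_at, claimed_pk=None):
    """Signed pin claim. claimed_pk only exists so the demo can forge a claim
    for someone else's npub; an honest client always signs for its own key."""
    pk_hex = (claimed_pk or pubkey(sk)).hex()
    tags = [["apk_cert", cert_fingerprint]]  # assumed tag name
    eid = _event_id(pk_hex, created_at, KIND_PIN, tags, "")
    return {"id": eid.hex(), "pubkey": pk_hex, "created_at": created_at,
            "kind": KIND_PIN, "tags": tags, "content": "", "sig": sign(sk, eid).hex()}

class PinRegistry:
    """First-come binding: one cert fingerprint belongs to exactly one npub."""
    def __init__(self): self.pins = {}
    def accept(self, ev):
        eid = _event_id(ev["pubkey"], ev["created_at"], ev["kind"], ev["tags"], ev["content"])
        if ev["kind"] != KIND_PIN or eid.hex() != ev["id"] or \
           not verify(bytes.fromhex(ev["pubkey"]), eid, bytes.fromhex(ev["sig"])):
            return "rejected: invalid event"
        fp = next(t[1] for t in ev["tags"] if t[0] == "apk_cert")
        owner = self.pins.setdefault(fp, ev["pubkey"])  # first claimant wins
        return "pinned" if owner == ev["pubkey"] else "rejected: cert already pinned"

def demo():
    reg = PinRegistry()
    dev = hashlib.sha256(b"constructed dev key").digest()            # constructed key
    attacker = hashlib.sha256(b"constructed attacker key").digest()  # constructed key
    fp = hashlib.sha256(b"constructed APK signing cert").hexdigest()  # constructed fingerprint
    return (reg.accept(make_pin_event(dev, fp, 1700000000)),       # dev claims first
            reg.accept(make_pin_event(attacker, fp, 1700000001)),  # second npub, same cert
            reg.accept(make_pin_event(attacker, fp, 1700000002, claimed_pk=pubkey(dev))),  # forged
            reg.accept(make_pin_event(dev, fp, 1700000003)))       # same owner re-publishes

if __name__ == "__main__":
    print(demo())
```

The forged claim fails because the attacker cannot produce a signature that verifies under the developer's x-only key, and the second honest npub fails because the fingerprint is already bound; both rejections are exactly the "other npubs couldn't then pin the same" property. Note what this does not solve: the first claim still has to come from the real developer, which is where the web-of-trust layer mentioned earlier would sit, and a compromised npub remains compromised, as the reply points out.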