Trust states
Every `.vibeapp` is assigned one of four trust states when it is opened.
| State | Condition | UI |
|---|---|---|
| Signed + Trusted | Valid Ed25519 signature from a publisher in the user’s trust store | Green indicator; capabilities shown but not gated |
| Signed + Untrusted | Valid signature, publisher not in the user’s trust store | Yellow warning; prompt to trust publisher or proceed cautiously |
| Unsigned (Dev Mode) | No signature — intended for local development | Orange warning; user explicitly acknowledges running unsigned code |
| Tampered | Signature present but verification fails, or file digests do not match the manifest | Red block; app cannot be opened |
Verification flow
When a package is opened, the host app runs this sequence:
- Check for `publisher.signing` in the manifest
- If absent → classify as unsigned
- If present → verify the detached signature against the public key and the root manifest hash
- If signature is invalid or any file digest mismatches → classify as tampered and block
- If signature is valid → check whether the publisher’s public key is in the user’s trust store
- Classify as trusted or untrusted accordingly
Signature algorithm
- Key type: Ed25519
- Hash: SHA-256 over all package files, sorted by path (BTreeMap order) for determinism
- Signature format: Detached signature stored in the archive at `publisher.signing.signatureFile`
- Public key: Stored in the archive at `publisher.signing.publicKeyFile`
Trust store
The user’s trust store is maintained by the macOS host app. A publisher is added to the trust store when:
- The user clicks “Trust this publisher” in the untrusted-package prompt
- A package with the publisher’s public key is installed via a trusted channel (e.g., the official release)
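
The verification flow and signature algorithm described above, as an added Go example (not the project's own code). `Package`, `RootHash`, `Classify`, the per-entry framing of the root hash and a trust store keyed by raw public key bytes are all assumptions. Per-file manifest digests are not modelled separately: the root hash is recomputed from the files actually present, so any changed, added or removed file surfaces as a signature failure.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
	"sort"
)

// Package is a hypothetical in-memory view of an opened .vibeapp archive.
type Package struct {
	Files map[string][]byte // path -> contents, signature file excluded
	Key   ed25519.PublicKey // nil when publisher.signing is absent
	Sig   []byte            // detached signature over RootHash(Files)
}

// RootHash is SHA-256 over all files in byte-wise path order (Rust BTreeMap order).
func RootHash(files map[string][]byte) []byte {
	paths := make([]string, 0, len(files))
	for p := range files {
		paths = append(paths, p)
	}
	sort.Strings(paths)
	h := sha256.New()
	for _, p := range paths {
		fmt.Fprintf(h, "%s\x00%x\n", p, sha256.Sum256(files[p])) // assumed entry framing
	}
	return h.Sum(nil)
}

func Classify(p Package, trusted map[string]bool) string {
	switch { // documented order: unsigned, tampered, then trust store lookup
	case p.Key == nil:
		return "unsigned"
	case len(p.Key) != ed25519.PublicKeySize || !ed25519.Verify(p.Key, RootHash(p.Files), p.Sig):
		return "tampered"
	case trusted[string(p.Key)]:
		return "trusted"
	}
	return "untrusted"
}

func main() { // constructed demo: throwaway key, one-file package
	pub, priv, _ := ed25519.GenerateKey(nil)
	p := Package{Files: map[string][]byte{"main.js": []byte("hi")}, Key: pub}
	p.Sig = ed25519.Sign(priv, RootHash(p.Files))
	fmt.Println(Classify(p, nil)) // untrusted
	p.Files["main.js"] = []byte("evil")
	fmt.Println(Classify(p, nil)) // tampered
}
```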
