Publish an APK upon each release

[emersonian]

Is your feature request related to a problem? Please describe.

Android users who opt out of using Google cannot currently install Zashi without building it from source.

An example is users of GrapheneOS.

Describe the solution you'd like

Have CI publish an official APK for Zashi on Github upon each release.

Alternatives you've considered

F-Droid is another great place to publish, but releasing an APK is a must for users that want to install Zashi without depending on any app stores.

Additional context

Follow in the footsteps of Signal, Proton, Bitwarden, and many wallet apps. Publishing an APK is a privacy best practice in the Android ecosystem.

Not publishing an APK is actually a security risk because scraper sites like APKPure, APKCombo, end up hosting your app's APK without your team's permission or knowledge, presumably scraped from the Google Play store. This can be a way that users encounter malware-compromised builds of your software.

Related ecosystem APKs:

• Edge: https://edge.app/app
• YWallet: https://github.com/hhanh00/zwallet/releases/tag/v1.7.0%2B4
• Zingo: https://github.com/zingolabs/zingo-mobile/releases/tag/zingo-1.3.7
• Trust Wallet: https://trustwallet.com/download/apk

[HonzaR]

Hi @emersonian, this is a great idea. We have already discussed this internally some time back. We could go the GitHub releases way until we decide which server/website we'd like to deploy to. Users can poll different APKs from GitHub even now from GitHub -> Actions -> Deploy/Pull Request -> Artifacts -> Binaries (like from this), which contains release/debug/mainnet/testnet variations of APKs, although this way is not that user-friendly.

[emersonian]

Great to hear! I believe the CI build artifacts expire after a period of time, so yes I'm all about a more user friendly approach that serves as a permanent archive. Being able to access all previous builds will also aid security auditors and facilitate QA regression tests (2026: "does Zashi v0.x still work with today's chain and nodes?").

Thanks for the quick response.

[stokito]

The F-Droid build is important. Currently there is only one app with the ZCash support

[HonzaR]

Hi @stokito, Thanks for the message! We already started with the F-Droid integration but needed to move on to other tasks. Hopefully, we'll be able to finish it in the upcoming weeks.