That’s a good question, but this isn’t actually a new risk unique to Nostr. Any software distribution channel depends on some account or key. If an attacker gained access to GitHub maintainers’ accounts, or to DNS records, the outcome could be the same. Nostr doesn’t make this problem worse... it just changes the medium. More importantly, Wasabi doesn’t auto-update. The client only notifies users that an update is available. Before any update is accepted, the client independently checks that the binaries are signed with our official PGP key, which is bundled into the software. If the signatures don’t match, the update is rejected. On top of that, operating systems themselves add another layer of defense. Windows and macOS both enforce developer certificate checks at runtime, so an attacker would also need to compromise our Apple and Microsoft signing certificates to avoid OS-level warnings. Compared to our previous GitHub-based distribution, this is actually a step up in security. Back then, compromising a single maintainer account could have been enough to trick clients into surfacing a malicious update. Now, even if someone compromised our Nostr key, they would still face multiple cryptographic and OS-level hurdles before a malicious build could ever be accepted by users’ machines.

We are proud to announce that Wasabi Wallet v2.7.0 is our first release fully distributed through Nostr. Instead of relying on GitHub or DNS, clients now receive update notifications directly from notes published by Wasabi’s Nostr public key. This ensures that even in the event of infrastructure outages or black swan scenarios, we can deliver emergency fixes seamlessly. For users, the update process remains unchanged: smooth, secure, and reliable. For the project, this marks an important step toward resilience: guaranteeing that users will always be able to securely access their funds with Wasabi, without sacrificing privacy by restoring seeds on less private wallets. Of course, we also want to thank relay operators for making it possible to implement features like this.

Because of how settings are implemented in Wasabi, when a CLI argument is specified (what it seems you did), modifying settings from the UI could create weird behavior. Lately we made a lot of improvements to how settings work, so it would make sense to remove this restriction, however we didn't make this "feature" yet.

🚨 New release 2.7.0 is here! 🚨 v2.7.0 is a stabilization update that boosts reliability while bringing a fresh look & smoother performance. 🟠 Enhanced Node Integration 🎨 Refreshed UI ⚙️ 1 Config/Network 🤯 Smarter Coordinators 🛠️ Many Bug Fixes 👉https://github.com/WalletWasabi/WalletWasabi/releases/tag/v2.7.0 🟠 Enhanced Bitcoin Node Integration Bitcoin node connectivity is now more seamless. RPC endpoint handling has been refined for smoother setup, with support for onion-service RPC interfaces. Additionally, Wasabi no longer bundles bitcoind binaries, while block downloading has been simplified and made more dependable. 🎨 Refreshed UI with Icons & Animations The interface has been given a polished update. Subtle animations and a balanced color scheme breathe new life into Wasabi’s design, making it both cleaner and less aggressive. ⚙️ Dedicated Config Files Per Network Each network Mainnet, Testnet4, and Regtest — now has its own independent configuration file. Switching to test networks is easier and your preferences are always preserved. 🤯 Stronger & Smarter Coordinators Coordinators are automatically published as onion services right out of the box: no manual Tor setup needed. Coordinators can now also run on pruned nodes in blocksonly mode. Plus, fallback fee rate providers were implemented (mempool.space and blockstream.info), ensuring accurate fee estimates, even if your node can’t provide them. 🛠️ Refinements & Fixes - Full-RBF by default: All transactions are treated as replaceable. - Resilient HTTP communication: Smarter retry handling makes connections sturdier. - Seed recovery fixes: Annoying typing issues are resolved. - Sharper fee estimations: Precise decimal calculations with no rounding loss. - NBitcoin updated to 8.0.14: Latest Bitcoin protocol improvements included. - Clearer terminology: “Backend” is now called “Indexer.” - Lean codebase: Legacy components like TurboSync and BlockNotifier removed. - Safer Coinjoin handling: Excluded Coins can only be changed when Coinjoin is paused. - Donation Button removed from Main Screen: The button is gone, but donations are still possible via the search bar. - Conflux by default: Better Tor configuration for improved connectivity.