Trust center

Built for local, traceable iOS release decisions.

StoreShield is designed to help a developer understand what an App Store submission artifact may trigger before upload: real blockers, review risks, and manual metadata checks stay separated.

Download Direct app See pricing

Release proof

Direct DMG is Developer ID signed, notarized, stapled, and shipped with SHA-256.
Direct updates use a Sparkle EdDSA appcast hosted on storeshield.app.
Mac App Store build is approved for distribution; purchases and updates are handled by Apple.
Criteria packs are versioned, checksummed, and verified before being used by the app.

Current state

Mac App Store listing Sparkle appcast Latest Direct DMG DMG SHA-256 Public criteria releases Apple Privacy Manifest Required Reason APIs

Security / local-first

IPA and xcarchive contents stay on your Mac; StoreShield does not upload the build artifact.
No Crashlytics or third-party crash telemetry in the app.
The Direct license server only validates subscription/license state; scan data is not sent.
Back office access is protected by Cloudflare Access and admin bearer tokens.

Criteria changelog

Installed and remote criteria versions are visible in the app.
Reports include the criteria version used to generate them.
When rules change after a report, StoreShield recommends a rescan instead of silently reusing stale assumptions.
Human changelog: what changed, why it matters, and which Apple source or ITMS code applies when public.

Direct vs Mac App Store

Direct

Paddle license, 7-day trial, Sparkle updates, up to 3 Macs.

Mac App Store

StoreKit subscription only, Apple manages purchase, restore, and updates.

Sample verdicts

READY

No upload blocker detected; remaining checks are informational or manual.

RISKY

Submission may pass upload, but warnings can trigger App Review follow-up.

BLOCKED

A critical upload or review blocker should be fixed before submission.