It has always been possible to inject third-party code into decrypted .ipa files so that they could be sideloaded onto your iPhone or iPad with more functionality than the app would have directly from the App Store, but this has always been a somewhat inconvenient method of going about it.
Fortunately, iOS developer @haxi0sm has been working on something like this for TrollStore 2 users, and appears to be making strives according to a post shared to X (formerly Twitter) Wednesday evening.
The post appears to showcase the third-party Apollo Reddit client being powered by the Artemis jailbreak tweak on an iPhone 12 running iOS 16.1.1, albeit without a jailbreak and only with TrollStore 2.
From what we can gather, the developer is using ElleKit tweak injection — the newest form of tweak injection that is currently being used by the Dopamine jailbreak. In a comment to /r/jailbreak on Wednesday, the developer says they’ve extracted ElleKit into /var/containers/jb with PostBox and signed them using fastPathSign.
This method of running tweaks inside of apps doesn’t require a jailbreak because TrollStore 2 itself has elevated privileges. This allows apps that are perma-signed with it to run certain tweaks. These tweaks do not affect processes, SpringBoard, or other parts of the system but rather only the app they’re loaded into.
So from what it looks like, TrollStore is about to get even more interesting to use. And better yet, Picasso lead developer @sourcelocation has said that Picasso will soon receive an update to support this novel tweak injection method.
Indeed… when times seem rough without a jailbreak for modern firmware, things like this always seem to come around the corner to brighten everyone’s day. It will be interesting to see what developers do with TrollStore next.
