LiveContainer

Run unsigned iOS app without actually installing it!

Allows you to install unlimited apps (10 apps limit of free developer account do not apply here!)
Codesigning is entirely bypassed (requires JIT), no need to sign your apps before installing.

Building

export THEOS=/path/to/theos
git submodule init
git submodule update
make package

Requires SideStore; AltStore does not work because it expects the app opened before enabling JIT.

Build from source or get prebuilt ipa in the Actions tab
Open LiveContainer, tap the plus icon in the upper right hand corner and select IPA files to install.
Choose the app you want to open in the next launch.
Tap the play icon, it will jump to SideStore and exit.
In SideStore, hold down LiveContainer and tap Enable JIT. If you have SideStore build supporting JIT URL scheme, it jumps back to LiveContainer with JIT enabled and the guest app is ready to use.

Patch __PAGEZERO segment:
- Change vmaddr to 0xFFFFC000 (0x100000000 - 0x4000)
- Change vmsize to 0x4000
Change MH_EXECUTE to MH_DYLIB.

Call dlopen with the guest app's executable
Find the entry point
Jump to the entry point
The guest app's entry point calls UIApplicationMain and start up like any other iOS apps.

Entitlements from the guest app are not applied to the host app. This isn't a big deal since sideloaded apps requires only basic entitlements.
App Permissions are globally applied.
Guest app containers are not sandboxed. This means one guest app can access other guest apps' data.
arm64e executable is untested. It is recommended to use arm64 binary.
Only one guest app can run at a time. This is much more like 3 apps limit where you have to disable an app to run another (switching between app in LiveContainer is instant).
Remote push notification might not work. ~~If you have a paid developer account then you don't even have to use LiveContainer~~
Querying URL schemes might not work(?)