Could you please release the desktop binaries (in my case the .appimage) with a signed checksum? I realize that some may doubt its marginal benefit but I’d argue that not having its packages verifiable with a public key is even more odd for an app with great security. The current checksum assures integrity and not directly security.
The release of a signed checksum, to my understanding, also doesn’t take much effort so it could increase security at little cost by making packages independently verifiable and thereby assuring authenticity.