Would you like to try it now? Hopefully it works.
see https://github.com/zapstore/zapstore-cli
I already whitelisted your npub in the relay
When zap.store is ready i'll change the keys and start publishing the hashes
For now you can check if Amber is signed with the key 56dc631996a55c2284790448c7dc9f1dd05df596b2ce4882313633f5602e5fe4 and try to check if the apk is reproducible by building it and see if it matches the content inside the apk
The best way of doing this i found was adapting the signal docker file
https://github.com/signalapp/Signal-Android/tree/main/reproducible-builds
If you dont want to do this its better to wait for when i start signing with my new keys in zap.store
Discussion
Nice, I'll just finish something I was doing and I'll try