Does the store also validate signing key (ex. for linux apps)? Or is this only for android and that's left to the package manager/installer?