Yes, I use Obtainium and F-Droid (via the Droid-ify fork) for most of my apps, fantastic software! 🫡

As for Amber, is a bug that exposes my nsec a significant threat? Also, how does it protect your keys? I understand the signing aspect, but couldn't a bug theoretically expose them in Amber as well?