{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreic3rrczk763m77hkv2waeorum5u4yo462ouwamnbohleadbf773sm",
    "uri": "at://did:plc:34cg4tn4iwemk3v5k3n3adwf/app.bsky.feed.post/3mlqipxknqhl2"
  },
  "path": "/t/verify-apk-file-downloaded/34332#post_10",
  "publishedAt": "2026-05-13T12:37:45.000Z",
  "site": "https://forum.f-droid.org",
  "tags": [
    "@Licaon_Kter",
    "gstatic.com"
  ],
  "textContent": "@Licaon_Kter I just checked on what was probably hash mismatching and it seems tk check out KeepassDX I have had problems with before making me lose passwords. Pretty important apl you would guess it is a target. They may have already derailed me I was getting hash mismatches on first install and you can’t really see what F-Droid is doing. This is may be like the secondary root of trust that now checks out. When did fdroid reissued pgp key last? Sortof like fakeGoogle where gstatic.com javascript takes your password and relays it to realGoogle (secondary root of trust).",
  "title": "Verify apk file downloaded?"
}