http://fdroidorg6cooksyluodepej4erfctzk7rrjpjbbr6wx24jh3lqyfwyd.onion/tr/2023/07/15/community-controlled-backup-ceremony.html
The operators of the signing server and the holders of the backup data verified each others’ identities via F-Droid networks, PGP Web of Trust, and checks of government issued IDs. Pieces from a minimum of two jurisdictions are required to decrypt: EU, Europe non-EU, US. One important factor in reliable backups is regular updates. New apps are constantly being added, and those usually get a new signing key assigned.