I am new to graphene OS, and I have been using Obtainium and AppVerifier. Can’t find the signature for bit warden.
Bitwarden will verify automatically because it’s hash is stored in appverifier
Ah ok cool. But where does AppVerifier get it from? I thought it was good practice to verify from several sources just it case. Am I wrong about that?
Bitwarden, and many others, have been posted here:
Personally I trust the Appverifier when it gives me a little green badge 
2 Likes
Something I’ve found useful is recording in obtainium the verification status of each app using tags, one for apps matched in the appverifier database and another for those matched with a hash found somewhere other than the apk source.
Thanks, that thread seems like a very useful resource indeed.