There was a similar thread where Play Protect blocked installation of Signal. As it turned out, said copy of Signal was indeed fake, as op downloaded it from F-Droid, where it’s not being distributed.
Then this is a KDE Connect issue. If they sign with different keys, they should use different app names (in the manifest, the visible name could still be the same).
If two apps have the same identifier but are signed with different certs, Google is right to treat one of them as an impostor.
There was a similar thread where Play Protect blocked installation of Signal. As it turned out, said copy of Signal was indeed fake, as op downloaded it from F-Droid, where it’s not being distributed.
Maybe it’s the same case here?
deleted by creator
Then this is a KDE Connect issue. If they sign with different keys, they should use different app names (in the manifest, the visible name could still be the same). If two apps have the same identifier but are signed with different certs, Google is right to treat one of them as an impostor.
deleted by creator