I was an early PGP adopter back in the 1990s and used it on a daily basis for 20 or so years. But PGP has always largely been a tool (and toy) for infosec pros and other geeks. Safely using PGP requires a fair amount of knowledge in the first place, and verifying keys, assigning trust etc. is time-consuming. Thats why most apps use the CA-based code signing facilities built into commercial operating systems. Considering that Bitcoin and other crypto currencies are being marketed to the general public, Im surprised that not all wallets do that. Its not a perfect solution, but its better than nothing.