if the market is centralized the community can
lead the market
The community might be able to propose certain stuff, but only you can lead or rather choose its path.
We simply use our own. The Vendors have a PGP and can more, maybe a mnemonic, uuid, auth token etc....
AFAICS, there's "at least" one way
[directly or as a workaround] for every single one of them, that "doesn't" prevent an inside job from taking place
[unfortunately].
Thanks for the feedback (i really need that),
Thank you as well for your answers.