Free Pietje ๐ต๐ธ ๐@yogthos
IIRC you also have to give G๐gle the PRIVATE keys used to sign the package.
What could possibly go wrong? (tm)
Oh yeah, G๐gle providing an update to your package with an appropriate backdoor.
I've tooted about this (quite) a while ago, but I'm too lazy to look it up.