I was reading through the new Android App Bundles format that Google is planning to enforce in 2021. From what I understand, I realised that signing the app will no longer be in the developer's hands now, since Google will have to sign the multiple APKs created out of the app bundle being uploaded to the Play Store.
I have a few questions with regard to this:
- From what I have read, I will have to upload my keystore for the apps and Google will take care of the signing process. Given that, how will Google manage to access keys in my keystore? Will I have to input my keystore password somewhere?
- Can this keystore of mine contain multiple public/private key pairs, and can I ask Google to sign my app with multiple such keys inside the keystore? (probably using version 2/3?)
- I have read about the PEPK tool in the documentation, but I cannot fully wrap my head around how it will work and how Google will access multiple keystores (if allowed) using this. I am still unsure of how the PEPK tool works.
Forgive me if these questions seem too basic or naive. I am trying to understand the process as a beginner. Thanks!