The thing is that doesn’t work! Because your app for example has a signature. If someone is able to get your signing key they can publish scam updates of your app. You can do nothing about this because you can’t change the app signature once published. So better be safe than sorry