I noticed that the various donation addresses listed here are not pgp signed by @patrick. IMHO, it would be good practice to have these in a pgp signed file linked from that page to authenticate.
Qubes does it in their security pack.
Thanks for reading.