Yeah, binary patching would basically solve this issue and wouldn't be any more of a hassle for the user than Vanced already was. For a similar example, see the way most alternative Minecraft servers download and patch official binaries on first start (they started doing this due to getting a bunch of DMCA takedowns a few years ago).
With a bit of effort, Vanced could even have the download page perform the patching and signing in JS/wasm, then include the privkey in the app so it could download, patch and sign new copies of itself on the fly.
Or, for better security, have a web service that signs any APK that matches a set of hashes. Clients patch the APK locally, then send it in to get signed - everyone now has byte-identical APKs, but Vanced servers never technically distributed Google's binaries.
Not the online or browser-based signing, no, but LuckyPatcher lets you patch APKs locally (I think their specific implementation requires root, but that wouldn't be necessary if APKs were downloaded in-app). I was actually really surprised when I first found Vanced that it wasn't using something like LP and instead distributing pre-modded APKs.
Good call, I didn't think of that. I believe that the non-root approach for LuckyPatcher is to create a separate (limited) modified APK file rather than modifying an existing, installed app.