If the assertion is ultimately just a text file with a GPG signature, is it not possible to use the underlying store key to sign a handwritten (likely, computer generated & manually modified) assertion? Ultimately to the recieving snapd clients, they’re just files on a web server.
Appreciate this might be one of those “We’d rather not” scenarios but ultimately if there’s a service in Canonical somewhere that’s generating signed assertions already, can it not be modified to allow an override and pass some of the responsibility onto the client side? Ultimately these are special cases from trusted publishers and there’s still human review.
Even easier, allow the review tools to simply be laxer for specific snaps, which I feel is already the case with e.g., setuid bits in certain key snaps (e.g., Chromium), what’s the difference between a single bit that gives root access vs an interface that does significantly less?
Edit: context for the above: