app signing

Play App Signing is the system where Google manages your app's signing key and uses it to sign the APKs generated from your uploaded App Bundle. You upload with an “upload key”, and Google re-signs with the secured app-signing key it stores — mandatory for new apps. It lets Google optimise delivery and recover your key if you lose it, but it also means Google holds the master signing key.

In Android Studio, choose Build → Generate Signed Bundle / APK, select “Android App Bundle”, create or pick an upload keystore, and build the release .aab. From the command line you can run ./gradlew bundleRelease after configuring signingConfigs in build.gradle. Upload the .aab in Play Console and keep your keystore and passwords backed up — losing the upload key needs a reset request to Google.