In order to increase the upload endpoint security we may introduce a list of trusted GPG keys on server side in the User profile.

• A public GPG key could allow verify uploader before the upload.
• Additionally we can try to validate the uploaded file - if it would be not too much overhead to e.g. validate the first X bytes or the header