There's new experimental signing in wheels: https://wheel.readthedocs.io/en/stable/#automatically-sign-w...
and the signing defined in PEP: https://www.python.org/dev/peps/pep-0427/#signed-wheel-files