How are this packages distributed, how users get them, are they possibly signed, is it related in any way to Store packages?
<span dir="">Yeah, I believe the Windows Store does distribute apps in the form of appx packages, but they can be sideloaded as well. There are also FOSS tools like </span>[`winget`](https://github.com/microsoft/winget-cli/tree/master)<span dir="">/App Installer that use </span>`Windows.Management.Deployment.PackageManager`<span dir=""> APIs to install AppX packages, </span>and provide access to community-maintained repos for AppX packages as well.
AppX packages contain signing info in the `AppxSignature.p7x` (which is just PKCS #7 data), there's also support for codeintegrity signatures in the `AppxMetadata/CodeIntegrity.cat` file in the archive. However, this is out of scope for opcservices.dll, as these APIs only get used to decompress and read appx files.
But yes, the idea is that the `PackageManager` code would open and read AppX packages using `ReadPackageFromStream`.