Currently hard coded key is used to sign vp token and its certificate chain, this is not correct. To be closer to real ts43 wallet behavior generate private key and cert from AndroidKeyStore with full certificate chain. This way services which do validating vp_token will not fail as certificate chain will contain root android certificate.