What specific security problem are you trying to solve with double-signing, or more specifically, by asking vendors to sign their own plugins before submission?
The DC plugin tooling is already in a neglected state (a broken default banned dependencies configuration that doesn’t work with current versions of any product, REST javadoc generation not working, lost signing keys, and a Maven version that was broken for a few years up until recently) and I would be wary of cramming more requirements on the vendor side.
How about a magic solution #4 where vendors upload the .JARs to the Marketplace after authenticating themselves with your preexisting 2FA solution, Atlassian performs whatever magic “blessing” it needs to do, and spits out a link (via UI and REST) to the signed .JAR?
You sign it however you want, you verify it in whatever way suits Atlassian best, and it does not create additional workload for vendors.