I personally don’t like Gitlab’s way of issue tracking as well. For all other aspects it is quite a great tooling.
The idea of signing is to prove that the build is actually coming from legit sources / the orginal distributor/team and signing happens with a PRIVATE key that must not be shared.
You are right. Switching back and forth by dirty flashing “on top of incompatible data” just like that is not possible due to this. You could theoretically build a custom data migration zip however that is a bit advanced and depends on the level of your expertise and adventurousness.
Regarding firmware: /e/ 0.2 requires the latest 5.1.7 firmware as well. It is just the older Nougat-based /e/ 0.1 that requires older firmware. This downgrade is indeed somethign that is not very desirable. BTW, if I were you I would used firmware from original sources only (support.oneplus.net) unless you know the person who upped the ZIP.