Ok let me explain short, what happens here:
The was an update of the pgp keys and you didn’t update it first. Now you download a package which was signed with the new pgp key, but you still use the old one.
I said this:
Because a database refresh also offer you to update. Do it without selecting discord.
However… to get the newest pgp keys again, do this:
# update mirrors
sudo pacman-mirrors -c Germany # or any other Country
sudo pacman-mirrors -f 5
# remove gnupg and re-init it
sudo rm -rv /etc/pacman.d/gnupg
sudo pacman-key --init
# remove pacman cache
sudo rm -Rf /var/cache/pacman/pkg/*
# download the newest packages which contains the gpg keys
sudo mkdir -pv $HOME/.cache/pkg/
# !!! Don't import keys here... so type "n" if asking. !!!
sudo pacman -Syw archlinux-keyring manjaro-keyring --cachedir $HOME/.cache/pkg/
# remove the signatures
sudo rm -f $HOME/.cache/pkg/*.sig
# Install the packages
sudo pacman -U $HOME/.cache/pkg/*.tar.zst
# clear the cache
sudo pacman -Sc
# Remove the downloaded packages again
sudo rm -Rf $HOME/.cache/pkg/