Twitch can detect if a pack was exported from an alternative launcher such as the one that I promote heavily on my non-curseforge/non-twitch assets. The zip files created are good, they test good they are valid and all the current alternative launchers have no problems importing them. But Twitch does, this indicates to me that Twitch can somehow fingerprint the pack zip. My theory is that it reads the order of the json objects in the manifest.json file and if they don't occur in the order that they are normally generated for a Twitch pack then it throws up a stupid error like "invalid zip." Either that or someone on the Twitch dev team has it out for myself and others in the CurseForge modding community and don't want us to gain any more popularity than we already have. I'm leaning towards the first option that it being a code designed attack against alternative launcher formats.
A json pack structure should be irrelevant to a commercial grade pack launcher, it should be using a json model accessor that loads the json file and polls the data from it, not read said file directly as if sequentially expecting fields in a specific order. Which would be a very effective way to make Twitch the only authorized launcher. That is until what I'm saying gets out and the alternative launchers recode their export functions to make their export files appear structurally the same as if they were built on a Twitch itself. If that happens and issues continue to happen then my second supposition will hold more validity.
Only one file has updated which is enough to pull this back into the Twitch export realm without having to add another mod.