Is it possible to verify the source used to compile a mobile app?

Question

Let&rsquo;s use Signal as an example. How confident can I really be that the app I&rsquo;m getting from the App Store was built using the code that I see in GitHub?It would be fantastic if Apple & Google gave developers the option of having their source code securely hosted and linked to from an app&rsquo;s product page. Or at least some kind of cryptographic signature (a simple hash digest?) that could be used to foster more confidence.I&rsquo;m not an app developer, and my simple Google searching hasn&rsquo;t come up with a satisfying answer.

pvg · Accepted Answer

The google search term you want is "reproducible builds" which will give you some idea of the technical approaches to that sort of thing.