As a service provider or app developer, remote attestation and reproducible builds are a pretty good defence against powerful 3p adversaries (like govts). It is a bit like Certificate Transparency, in a sense, in that you place your trust in the service provider / app developer and no one else. Attestation and Reproducibility are keystones atop which that trust can be anchored cryptographically (see also: Secure/Trusted/Verified Boot).