It is difficult to verify the sanity of installed application to ensure the apps or OS has not been compromised. The use case for this requirement is privacy first requirements of at risk communities.

@fabricedesre notes that the existing App Signing has some pros and cons.

@autonome Can you think of anything that IPFS offers that could help here?