With lot’s of open source startups out there, I don’t see any way to guarantee that they are running the same open source code. I’m a building a product in open source and want to ensure that my customers can validate that I’m running the same program. This is a large vague problem but if you know any constrained solutions like in any specific programming language that works too!
I believe what you're looking for is <a href="https://reproducible-builds.org" rel="nofollow">https://reproducible-builds.org</a>.
It is not possible in a server-based architecture (say your classical webapp). However if design your software to run purely on the end-user's machine, you can just distribute the source code with the binary and rely on third parties to validate that the binaries are derived from the source code.