Say, I am building a service which I want to gain natural 100% trust from anyone who uses it or for any reason is skeptical about it.<p>As a parallel example, I as a user can 100% trust, e.g. lodash library to use in my projects. It's open-source, popular, traceable by the large community and there is literally no place for any backdoor, hidden tracking and so on.<p>So, what if I want my service with all its infrastructure, data in databases, incoming and outgoing connections to be 100% transparent, open to be investigated and audited?<p>Disregard the problem of data privacy and sensitivity - assume that there is no such data.<p>Problems I see:<p>- When I create a commit/push to the codebase, then run CI, how do I as the owner can prove that exactly this build goes to production without any backdoor being added to it when deployed?<p>- As a user how do I know there is no hidden process running tracking events, data writes in background while I am performing some action?<p>- As a user how do I know the monitoring/audit tools provided by the owner are not fake and show exactly the state of the service?<p>- Is it even possible in reality to create it the way when an arbitrary user, having some level of expertise and some level of access to the system (in order not to bring harm) could say that the system is completely clear in all its incentives, data and processes?