For trust with our users, it would be great to have the code we run on our servers as "verifiable" as possible.
We're obviously not going to give everyone SSH access but creative ideas are definitely welcome!
Using publicly available AMIs & only known git commit hashes would be a good first step in that direction.
For trust with our users, it would be great to have the code we run on our servers as "verifiable" as possible.
We're obviously not going to give everyone SSH access but creative ideas are definitely welcome!
Using publicly available AMIs & only known git commit hashes would be a good first step in that direction.