Hacker News
by als0 1487 days ago
Reproducible builds aren't really that powerful if nobody audits what is being reproduced. And manual auditing is hard and tiring. You'd have to limit the number of updates to how many you can securely review over time. Or "pin" the code manually to specific versions so that it can't change without your permission.

My hot take on the subject of encrypted webmail is that the protocol to retrieve and decrypt mail should be a standard implemented by the browsers themselves. Not dependent on third-party code, and you already trust the browsers not to leak information about what you're reading.

1 comments

Reproducible builds make it possible. As an associated practical benefit, they also aid in making it possible to confirm that at least you’re getting the same version as everyone else, which is not something that can practically be done on mainstream mobile platforms, or at all on the web, yet which is probably the most likely form of attack (e.g. serving key-stealing code only to a subpoenaed customer, or only to one person as a rogue employee, to reduce the probability of being noticed).