One could design a toolchain that posts a hashed, signed version of the source used to produce a signed binary.
Build and deploy what you want, and if you want people to trust it and opt in, then it is publicly available.
In this case, you get the signature, and it confirms the device and links to a tamper-proof snapshot of the code used to build its firmware.
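A minimal sketch of the binding described above, added here as an example and not taken from any existing toolchain: the build side signs a manifest holding the hashes of the source snapshot and the firmware, and the user checks that signature and both hashes. The `Manifest` fields, the function names and the choice of Ed25519 with SHA-256 are assumptions, the inputs are constructed, and device attestation itself is not modelled.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

// Manifest binds a firmware image to the source snapshot it was built from (assumed layout).
type Manifest struct {
	SourceSHA256   string `json:"source_sha256"`
	FirmwareSHA256 string `json:"firmware_sha256"`
}

func digest(b []byte) string {
	return fmt.Sprintf("%x", sha256.Sum256(b))
}

// Publish is the build side: hash both artifacts, sign the manifest (Marshal of two strings cannot fail).
func Publish(priv ed25519.PrivateKey, source, firmware []byte) (manifest, sig []byte) {
	manifest, _ = json.Marshal(Manifest{SourceSHA256: digest(source), FirmwareSHA256: digest(firmware)})
	return manifest, ed25519.Sign(priv, manifest)
}

// Verify is the user side: check the signature first, then compare both hashes.
func Verify(pub ed25519.PublicKey, manifest, sig, source, firmware []byte) error {
	if !ed25519.Verify(pub, manifest, sig) {
		return fmt.Errorf("manifest signature invalid")
	}
	var m Manifest
	if err := json.Unmarshal(manifest, &m); err != nil {
		return err
	}
	if m.FirmwareSHA256 != digest(firmware) || m.SourceSHA256 != digest(source) {
		return fmt.Errorf("firmware or source does not match the signed manifest")
	}
	return nil
}

func main() {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	src, fw := []byte("constructed source snapshot"), []byte("constructed firmware image")
	m, sig := Publish(priv, src, fw)
	fmt.Println(Verify(pub, m, sig, src, fw), Verify(pub, m, sig, src, append(fw, 0)))
}
```

The check only shows that the signer vouched for this source and firmware pair; confirming that the source actually produces that binary additionally needs a reproducible build.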