- Edited
Hello,
I was reading this post about the verified boot hash vs verified boot hash key and was wondering if there is a way to verify that the Grapheneos factory image we download is equivalent to the source code on GitHub without trusting graphene (presumably using the verified boot hash?).
I'm aware this hash will change every time an update goes live, but it seems useful to know that the OS I've downloaded matches the open source on GitHub before using Graphene. Perhaps there is a more obvious answer to all of this, apologies if this is a dumb question I'm a noob here.