Theres some interesting security ideas you could try to solve with something like this. With an open source service that is hosted by someone else, you never know what is actually running. You can't trust it.
I was thinking about something similar a few months back, and I think it could be doable. You'd need a CI service that creates reproducible builds, and a hosting service that can show what build artifact is currently loaded. You'd allow the public to view the state of the service. I think it could work with heroku or similar.
That gets me closer to: I trust the code, and I trust the hosting service (I.E. AWS), but I don't need to trust the person running the code as I can verify that it matches what's on GitHub.
I was thinking about something similar a few months back, and I think it could be doable. You'd need a CI service that creates reproducible builds, and a hosting service that can show what build artifact is currently loaded. You'd allow the public to view the state of the service. I think it could work with heroku or similar.
That gets me closer to: I trust the code, and I trust the hosting service (I.E. AWS), but I don't need to trust the person running the code as I can verify that it matches what's on GitHub.