This is such an underrated improvement app stores could make, which would make a large impact for minimal effort. They already require signed binary submissions, just publish the hash so we can verify it!
Edit: it's a large impact for the tiny fraction of the population who's interested in verification, with no degradation of the experience for everyone else
It could be bigger than that. Imagine a little badge for open-source apps that don’t use any closed-source SDKs. These apps could be prioritized in search, and the users would benefit: less garbage in simple apps and higher battery life.
This won’t directly drive income for the app store in question, but it may drive perceived value of the platform as a whole.