What if the developers themselves are coerced to sneak something in?
This is certainly a problem in Bitcoin XT, where only one? two? individual(s) have commit access.
You can still download it and check it does it?
Also, when a release comes out, it usually has a checksum and a signature; any alteration after the release is easily detectable.
So if wallet 2.0 comes out, and it has a hash, but if you sneak something shady in it after, it won't match the hash of the 2.0.
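
The check described in the last comment, as an added example that is not part of the thread: it verifies a download against a published SHA-256 manifest in `sha256sum` format and fails closed on unlisted files. The file name, sample bytes and manifest are constructed; verifying the signature over the manifest itself is assumed to happen separately, since the hash only proves the file matches what was published.

```python
import hashlib
import hmac

HEX = set("0123456789abcdefABCDEF")

def parse_manifest(text):
    """Parse 'HEX  filename' lines (sha256sum format) into {filename: hex}."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        name = name.strip().lstrip("*")  # '*' marks binary mode in sha256sum output
        if len(digest) != 64 or not set(digest) <= HEX or not name:
            raise ValueError(f"malformed manifest line: {line!r}")
        entries[name] = digest.lower()
    return entries

def verify_release(name, data, manifest):
    """True only if `name` is listed and its SHA-256 matches the published digest."""
    expected = manifest.get(name)
    if expected is None:
        return False  # unlisted file: fail closed
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected)

# Constructed sample data: a "release", a copy altered after release,
# and the manifest as it would have been published with the release.
RELEASE = b"wallet 2.0 release bytes (constructed sample)\n"
TAMPERED = RELEASE + b"code added after the release\n"
MANIFEST_TEXT = f"{hashlib.sha256(RELEASE).hexdigest()}  wallet-2.0.tar.gz\n"

if __name__ == "__main__":
    manifest = parse_manifest(MANIFEST_TEXT)
    for label, blob in (("original", RELEASE), ("altered", TAMPERED)):
        ok = verify_release("wallet-2.0.tar.gz", blob, manifest)
        print(f"{label}: {'hash matches' if ok else 'HASH MISMATCH'}")
```
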