Hi,
I think that we cannot do much about the security of the delivery process. One thing we can work on that should help security though is what the software world is calling "reproducible builds".
From my point of view, the process from RTL to GDS2 should be fully reproducible, so given a specified version of the Verilog design-files and a specified version of the LibreSilicon-PDK and a specified version of the toolchain, a deterministic GDS2 file should pop out of the process. So 2 different people should be able to take the same source-files, compile them, send them to 2 different fabs, get many chips produced, then take a few samples apart, and then those chips should look similar.
I think reproducible builds from RTL to GDS2 should be achievable, although it might take some rethinking of the usual processes like e.g. DRC.
Several months ago, I thought about reproducible builds for qflow, specifically Graywolf, and I came to the problem that Graywolf had poor single-threaded performance for huge projects, so parallelisation was the obvious solution for that, but I did not have a good idea how simulated annealing could be done in a reproducible way in parallel.
So my conclusion back then was that if we cannot find a way to do it reproducibly in parallel, that we would need at least a reproducible way that is single-threaded, so that the user could choose between fast and non-reproducible or slow and reproducible.
I think that a libre PDK and reproducible builds are the best we can deliver for auditable and trustworthy chips.
Best regards, Philipp Gühring
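
A check that two independent builders could run on their GDS2 outputs, as an added example that is not part of the original message: it hashes the GDSII record stream with the timestamp fields of the BGNLIB and BGNSTR records zeroed, so build-time stamps are ignored while any geometry difference changes the digest. The function names and the sample library are constructed for illustration.

```python
import hashlib
import struct

BGNLIB, ENDLIB, BGNSTR = 0x01, 0x04, 0x05  # GDSII record types

def record(rtype, dtype, payload=b""):
    """Build one GDSII record: 2-byte total length, record type, data type, payload."""
    return struct.pack(">HBB", len(payload) + 4, rtype, dtype) + payload

def canonical_digest(stream: bytes) -> str:
    """SHA-256 over all records up to ENDLIB, with BGNLIB/BGNSTR timestamps zeroed."""
    h, pos = hashlib.sha256(), 0
    while pos < len(stream):
        if pos + 4 > len(stream):
            raise ValueError("truncated record header")
        length, rtype, dtype = struct.unpack_from(">HBB", stream, pos)
        if length < 4 or pos + length > len(stream):
            raise ValueError(f"bad record length at offset {pos}")
        payload = stream[pos + 4:pos + length]
        if rtype in (BGNLIB, BGNSTR):
            payload = bytes(len(payload))  # modification/access times are not design data
        h.update(struct.pack(">HBB", length, rtype, dtype) + payload)
        pos += length
        if rtype == ENDLIB:  # anything after ENDLIB is block padding
            break
    return h.hexdigest()

def sample_gds(year, x):
    """Constructed minimal library: one cell holding one rectangle of width x."""
    stamp = struct.pack(">12h", year, 1, 2, 3, 4, 5, year, 1, 2, 3, 4, 5)
    xy = struct.pack(">10i", 0, 0, x, 0, x, 100, 0, 100, 0, 0)
    return b"".join([
        record(0x00, 0x02, struct.pack(">h", 600)),  # HEADER
        record(BGNLIB, 0x02, stamp),
        record(0x02, 0x06, b"LIB\0"),                # LIBNAME
        record(0x03, 0x05, bytes(16)),               # UNITS (placeholder value)
        record(BGNSTR, 0x02, stamp),
        record(0x06, 0x06, b"TOP\0"),                # STRNAME
        record(0x08, 0x00),                          # BOUNDARY
        record(0x0D, 0x02, struct.pack(">h", 1)),    # LAYER
        record(0x0E, 0x02, struct.pack(">h", 0)),    # DATATYPE
        record(0x10, 0x03, xy),                      # XY
        record(0x11, 0x00),                          # ENDEL
        record(0x07, 0x00),                          # ENDSTR
        record(ENDLIB, 0x00),
    ])

if __name__ == "__main__":
    a, b, c = sample_gds(2019, 50), sample_gds(2020, 50), sample_gds(2019, 51)
    print("same design, different build date:", canonical_digest(a) == canonical_digest(b))
    print("different geometry:", canonical_digest(a) == canonical_digest(c))
```
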