Even for a signer app you are putting trust in the owner of that signer app. Though you can take the code and publish it to your own app store account if you have one. And there are some albeit super complex ways to attempt reproducible builds on iOS.

Reproducible Builds for iOS and Android

This page contains instructions for verifying that Telegram's open source code is exactly the same as the code that is used…

Remote signing can solve some of this, we're working on that via the cloud route but it still requires some trust in AWS or Intel. (Though I'd argue it's close enough to being trustless.)

I'm building Aegis — a Nostr signer app, now available on TestFlight. Tested with Nostur, Olas, 0xChat, and Flotilla — all working fine. Give it a try:

Join the Aegis - Nostr Signer beta

Available on iOS