Presumably, they could just treat iOS like macOS, where there already is a notarization system that covers apps distributed outside of the Mac App store.

https://developer.apple.com/documentation/security/notarizin...

Also, people forget that iOS itself has many security protections built into the platform itself that go beyond App Store review.

https://news.ycombinator.com/item?id=30199125