How do you attest this without simply trusting the dev or monitoring package data transferred by the app?[1] iOS, differently from Android, doesn’t have a explicit network permission that the user can verify.

All apps have network access by default and there’s nothing you can do about it without jailbreaking.

[1] as many pointed out: open source in iOS is a moot point as there’s no way to verify the binaries.

You are incorrect you can verify network access on iOS. https://support.apple.com/en-us/HT212958

You’re misunderstanding me. On android you can see if the app have network permission. On iOS privacy report you can see if the app accessed the network.

There’s an important distinction. On the first instance the app can’t access the outside world. On the second you will just know that it did.

[Edit]

See the author of keepassium commenting on the same issue about a month ago:

https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...

> All apps have network access by default and there’s nothing you can do about it without jailbreaking.

There is another option - buy an iPhone in China:

iOS: Disable WiFi (not just cellular) for specific apps without jailbreaking https://tinyapps.org/blog/202209100700_ios-disable-wifi-per-...

I don't understand how this isn't available everywhere. I would love to block certain apps from ever accessing the internet!

+1 for strongbox.

Have been using it for 3-4 years now. Its integration with the Apple ecosystem is second to none. I do use an online version that syncs with iCloud so I can access it anywhere (but with a Yubikey).