WACZ Disinformation Attack Vector

This page demonstrates a potential attack vector for distributed web archives, where archived content has been altered as it is being written to a web archive. In this experiment a man in the middle proxy (mitmproxy) was set up on the recording users's computer, and their browser has been instructed to trust the certificate generated by mitmproxy. mitmproxy was given a small script to rewrite the content of the page. See if you can spot the change by comparing to the original.

Is there anything that can be done at the interface level to surface information in the underlying WACZ data (e.g HTTP trace data) that a proxy was in use? Or given the many places where content could theoretically be altered in the chain of transmission is it better to trust the creator of the archive, and to be able to see who they are, who else knows them, etc?