From a "trusting trust" point of view, compiling rustc-translated-to-C with a C compiler (and comparing the result to normally-compiled rustc) is a valid demonstration, because we're again starting from code and can eliminate the possibility of a binary-resident compromise.

The actual issue here is that the translation was done using a rustc backend, and therefore an existing rustc binary which could be compromised and inject a "if (user=="wmanley") {...}" that isn't present in the original Rust code. If cilly was completely standalone (like mrustc), or if you had a rustc+cilly build you trusted, there would be no issue.