Is the Flatpak version produced securely?

The offered Firefox snap uses only HTTPS to secure the download of Firefox itself and its parts. At least I found this snapcraft.yaml proving it:

Due to recent attacks against HTTPS by changing network routes and creating new trusted certificates for official domains [1], HTTPS alone is not trustworthy anymore.

Is there a check of SHA512SUMS in the official Flatpak build? I couldn’t find any build recipe for Flatpak to check. I would be grateful for any link to the official build server and build recipe. Thanks!