Release signed Firefox addon, Thunderbird addon, or signed standalone interface
Tutanota already does it for mobile apps. Desktop/browser users should have the same advantages. Do like other security-concerned open-source projects, and provide PGP signature files with every official release or provide hashes or tell users your fingerprint. Allow Mozilla to review your addons as they do to all addons submitted through their site.
This was one of the reasons why Cryptocat evolved from a web interface to a signed browser addon and apps and then to a standalone desktop program. Read the creator's reasoning:
Emmanuel Goldstein commented
Why not just compile the app and run it locally, thats what I do. If you want a stand alone type app, throw that locally compiled app into a Phone Gap app dev, or a windows UWP.... OR learn how to emulate android APKs on your desktop and do what ive been doing since 'nam
Your suggestion is related to this suggestion: