How is Ceno making sure someone is not poisoning the cache?

edit: I try to read the paper and it's just referencing some RFC, which is not making me smart at all.

Again, how am I sure that when I am reading something from the cache, it's really serving what the site was serving somewhere else, and the person saving it there didn't modify it? Is it signed by the original page SSL cert?

edit2: ahh the "injector server", which is run by Ceno, retrieves the page and signs it. So you are moving the trust to Ceno and the central Ceno server actually does the browsing...? So the injectors can just see all the traffic? But that's inevitable I guess, someone needs to see the traffic