Sort:  

It begets an important point however: the version number presented does not mean anything. You have to trust that a witness is running a particular piece of code, as there is no technical way to be sure what exactly they are running. A set of witnesses you don't trust could say they are running some open source code, but actually be running other closed source code with hidden side-effects.

We should add a hash to the version to verify the code?

You cannot do something like this in a way that the actual person running the code could not spoof.

Scary.
Does that break the chain?

To be clear, the protocol can't change unknowingly to other observers of the chain. When I say side effects, this generally refers to options within the protocol. Censorship and enacting a form of "emergency power" entrenching the governance are some examples. Secret hard fork preparation is also possible, and post hardfork there is no trustless way to validate what the new protocol is.
Worse though, if you're not observing the chain (i.e. running your own node) then you can't tell in constant time in a trustless way if the protocol has even changed.