Last I used it (disclaimer: long ago), there was literally no way to pull an image by hash, or even to verify that an image has a particular digest. The only way not to trust the image store was to use signing, which is kinda weird if you _already_ have a way to pass something from the build process to the machine that will use the software in a trustworthy fashion.
I'm not sure if that would count as a Strong Criticism. I would tend towards yes, because, apart from the direct issues caused by that, it makes one doubt the way the software gets designed (it really smells of someone implementing a "we must have signing" requirement).