technically you could audit your local copy of tor source code, build it, and then never upgrade it.
still this wouldn't guarantee that all the other nodes are not compromised