What I meant is when you go to save an iRule to a BIG-IP your code adds headers to track its deployment. So if my iRule was
when HTTP_REQUEST { my code }
When deployed via API your code would modify it so it becomes
### Deployed: Timestamp Here ###
when HTTP_REQUEST { my code }
Then all it has to do is wait for that to appear at the destination to know it's been propagated. Time stamp is just a unique value at the time of deployment. Epoc seconds would be useful unless you want the value human readable.
How does this work? When your API reads the iRule to check for propagation it can verify with the header you added to see if it matches what it should be. When actually reading the iRule to return it downstream it can strip off that header. In essence it's shadow header for tracking propagation, controlled by you. Has zero dependancies on anything else and no effect on the iRule itself because comments are ignored but saved with the iRule.
Using MD5 is another method but without something in the iRule content to make it unique you won't be able to detect propagation if the iRule is redeployed unmodified. When the aim is propagation verification regardless of content each item has to be unique.
( Note: I'm waiting for F5 to step in here and say.. this API mechanisim already exists and you can check it in this way.... LiefZimmerman )