Comments (14)
Is there a good reason not to jump to 1.24.1 immediately then?
from rust-bitcoin.
I was under impression that once you do a bootstraping like this once, and then compile the compiler source code with the bootstrapped compiler binary and then with the original compiler binary, and they produce the same output, you've proven that the original compiler at a given checksum does not contain any backdoors, and can be used from now on as a starting point. Sorry if I'm terribly mistaken here. :)
I'm under the same impression.
from rust-bitcoin.
@real-or-random afaik bootstrapping rustc has to begin with 1.19 or earlier versions because that's the latest version supported by mrustc. Every version increase over that introduces one more step from there.
from rust-bitcoin.
I didn't follow the discussion in IRC. Why is bootstrapping so much more secure?
from rust-bitcoin.
@sgeisler Isn't the whole process automatable, and that will have to be done eventually anyway? I mean - eventually even newer version will be a requirement. Also, does it even have to be repeated ever again?
I was under impression that once you do a bootstraping like this once, and then compile the compiler source code with the bootstrapped compiler binary and then with the original compiler binary, and they produce the same output, you've proven that the original compiler at a given checksum does not contain any backdoors, and can be used from now on as a starting point. Sorry if I'm terribly mistaken here. :)
Seems like GUIX team just went to 1.28.0: https://www.gnu.org/software/guix/blog/2018/bootstrapping-rust/
from rust-bitcoin.
@real-or-random https://www.schneier.com/blog/archives/2006/01/countering_trus.html is my understanding.
from rust-bitcoin.
The real thing that I want to discuss is how the whole process should look like. Without a deterministic build of the compiler, we need to trust someone to build the compiler. Who do we trust?
This might be less of a problem because we don't release binaries, so any malicious tampering would only cause discrepancies between the Travis test results.
My naive plan that's meant to draw constructive criticism:
- I build 1.19.0, then 1.20.0
- I upload the binaries somewhere
- I modify travis to pull down the binaries instead of using its own rust compiler
from rust-bitcoin.
@dpc You're right. But there are usually many complications in this process, and the original author of the diverse double compiling paper, when trying to demonstrate the process, even had to patch compilers.
Given that we're doing one-off DDC, I guess:
- Agree on which rustc binary to use
- DDC check on said rustc binary
- If passed, modify travis to use that binary instead of using its own rust compiler
from rust-bitcoin.
For what it's worth, there is quite some progress on a mrust brach targeting 1.29, see https://github.com/thepowersgang/mrustc/commits/nightly-1.29 and thepowersgang/mrustc#95 .
from rust-bitcoin.
@real-or-random Yes. However, we are somewhat limited by what debian packages under stable. I think it makes sense that for a major distribution like debian, people should be able to install rustc and compile rust-bitcoin with no problems. This means we can only do <= 1.24.1
.
from rust-bitcoin.
Hm, yes, I know. I somehow assumed that this branch of mrustc will then also be able to compile rustc 1.24.1. But I see that this assumption is probably not justified...
from rust-bitcoin.
I've bumped the version to 1.20.0
here: #210
I believe we should use this thread to discuss how we want to do the process. Perhaps we should wait until deterministic builds are easy with rustc?
from rust-bitcoin.
In general, it may be a good idea to bump shortly after a Debian release. This is rare enough, and we then can decide which version we want.
from rust-bitcoin.
Closed by #210
from rust-bitcoin.
Related Issues (20)
- Can we sort `rustfmt` out once and for all HOT 5
- Add type data to TxOut HOT 15
- Should `LockTime` types live in `units` HOT 8
- Consider not deriving `serde` impls from `units` types HOT 12
- Is introducing `LockTimeUnit` enum promote redundancy? HOT 3
- Should `Script::witness_version` check if the script `is_witness_program` before it returns the version? HOT 2
- Make sure we mention than 'm/' is not handled in bip32 derivation paths HOT 1
- Use `Message::from` HOT 2
- Errors while making commits. HOT 14
- Is the function `from_hardened_idx` correctly implemented? HOT 3
- Consider adding a const version of `blockdata::genesis_block` HOT 1
- `base58::Vec` in error message is odd HOT 3
- Make hex an optional dep for hashes HOT 1
- Update crate owners HOT 8
- Computing witness lengths of a TxIn HOT 5
- Witness content doc typo HOT 2
- Is `Hmac` too generic HOT 3
- `hashes::util` needs re-naming HOT 2
- Usage of "m/" in derivation path HOT 6
- Do We require BIP324 implementation? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rust-bitcoin.