Reproducible build for binary signing #5807

Open
wileyj opened this issue Feb 5, 2025 · 0 comments
Collaborator

wileyj commented Feb 5, 2025

Similar to what other projects do to verify a binary, we should create a reproducible build process to democratize the release process more.
The first step is providing a process that others can use to verify a build artifact, and later the CI release process may use this signed artifact to perform a "release" build.

Opening this issue as the first step into investigating if this would be feasible (or even a good idea for stacks).

https://guix.gnu.org/manual/devel/en/guix.html
https://guix.gnu.org/en/blog/2020/reproducible-computations-with-guix/

And using Bitcoin as inspiration:
https://gist.github.com/eriknylund/a58d7587f785881eee0aea10bba60546
https://github.com/bitcoin/bitcoin/blob/master/doc/release-process.md#building
https://github.com/bitcoin-core/guix.sigs
https://github.com/bitcoin-core/bitcoin-detached-sigs

Another interesting idea to look into is to timestamp the build artifacts: https://opentimestamps.org/

@wileyj wileyj self-assigned this Feb 5, 2025
@github-project-automation github-project-automation bot moved this to Status: 🆕 New in Stacks Core Eng Feb 5, 2025