walletbeat

Pushed some updates to https://wallet.page yesterday and I wanted to let you know that : 

REPRODUCIBILITY MATTERS : ability to reproduce firmware builds from source will be a criterion

reproducibility matters for clients too👀
@nethermind 
 
check the🧵

Very cool work from @niard.
The software supply chain rabbit hole can go further!
Stage 0️⃣: Open source [most wallets are here today]
Stage 1️⃣: Reproducible builds [what /walletbeat will look for]
Stage 2️⃣: Onchain build hashes
Stage 3️⃣: Onchain TUF-like update availability warrant canaries

Contributor @ /walletbeat.

Censorship resistance requires privacy.

Stage 0️⃣ solves for the bare minimum: Can users know what software they are entrusting their private keys to?

Absolute must.

Stage 2️⃣ (onchain build hashes) ensures that the wallet software you are running matches the software that everyone 𝙚𝙡𝙨𝙚 is also running. Putting that onchain ensures all users see the same set of valid build hashes.

Otherwise, you could be running some version that you've been tricked into thinking is an official build, but actually isn't.

Stage 3️⃣ is about putting software 𝘂𝗽𝗱𝗮𝘁𝗲 𝗮𝘃𝗮𝗶𝗹𝗮𝗯𝗶𝗹𝗶𝘁𝘆 information onchain.

Otherwise, you could be running an official-but-ancient version that still has an unpatched vulnerability.

Blockchains' censorship resistance properties means that by putting that update information onchain, it makes it impossible for patched releases to be censored away from you.

TUF (The Update Framework) tries to get close to this and is used in other security-critical software packages like Tor Browser Bundle.

Stage 1️⃣ (reproducible builds) ensure that you are actually running the code that you see on the wallet's open-source repository. Not some backdoored version.

Otherwise, how do you even check? You'd need to build it from source, which most users don't (and shouldn't have to) know how.