Deterministic/verified _secure_ Mac Bitcoin-Qt builds

[Luke-Jr]

Background:
Currently, before a new release of Bitcoin-Qt is published to SourceForge, it must be compiled by 3 different people who verify that they have produced the same exact binaries. This is done to protect against a variety of attack vectors: a single builder could include a trojan or backdoor into their binaries. No matter how much this person is trusted, their ability puts them at risk of being forced (eg, by gunpoint or legal action) to do so, or potential to do so accidentally (eg, if their build system is infected itself). Additionally, there is one person to impersonate or man-in-the-middle-attack, and the chance (5-10% in a person's lifetime, according to a quick Google) the person may begin to go insane. It also leaves open a question to the masses should that person die, of whether his successor is just as trustworthy.

However, right now, these thrice-verified builds are only possible for Linux and Windows using the Gitian framework. So far, Gavin has been personally responsible for the Mac OS X binaries, and he (and the community) incurs all the risks above as a result.

My proposal:
I have succeeded in building bitcoind (the JSON-RPC server) for Mac OS X under Gitian, and verified that this build is deterministic (able to be compared with others' builds). In addition to the cross-compiler and dependencies of bitcoind, I have also succeeded in building the dependencies required for Bitcoin-Qt under Gitian - except for Nokia Qt itself. To build Qt, I need to go back to the cross-compiler and figure out how to get the Objective-C compiler working. Then I will need to configure Qt for cross-compiling using it, and ensure the output is deterministic enough to produce a deterministic Bitcoin-Qt build based on it. This is going to be a lot more work, especially since nobody seems to have ever cross-compiled Qt for Mac OS X before.

Therefore, I am asking for donations to help fund completing this effort: 1D8jkYpkcJUQ6BJzjAATAEBjHdgVhvisAV

P.S. My work thus far on this specific project is all published in these Gitorious repositories.

[1713963929]

1713963929

[1713963929]

1713963929

[1713963929]

1713963929

[Red Emerald]

Good luck!

[Luke-Jr]

bump

[danieldaniel]

"[...] and the chance (5-10% in a person's lifetime, according to a quick Google) the person may begin to go insane. It also leaves open a question to the masses should that person die, of whether his successor is just as trustworthy."
>5-10% in a person's lifetime
Oh crap!  That explains a lot.

[Luke-Jr]

FWIW, my bitcoind build is confirmed to work on 10.5 (Leopard), 10.6, and 10.7 (Lion)

[ErebusBat]

luke-jr:  Would this include a secure build of Armory?  It is very hit or miss as to weather or not it will build on OSX.

Also it might be helpful to include a thermometer so potential donors are aware of where we sit.

[Luke-Jr]

luke-jr:  Would this include a secure build of Armory?  It is very hit or miss as to weather or not it will build on OSX.

I wasn't planning on it (until your post, I thought Armory was Python and didn't have anything to build!), but maybe once Bitcoin-Qt is done I can look into it. Note that gitian itself only runs on Ubuntu, though - that is, this won't help building on Mac itself, just producing binaries that run on Mac.

[Luke-Jr]

I just released bitcoind 0.5.6rc2 for Mac OS X using what I developed here so far, if anyone wants to try it out...

[Luke-Jr]

A lot of interest (well, over 2/3 anyhow), but not so much willing to donate to the cause

In the meantime, bitcoind 0.5.6rc2 seems to be working good, so I've documented the process as a pullrequest for upstream.