mailman-lists-archive/pipermail/zapps-wg/2017/000114.html

135 lines
6.6 KiB
HTML

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<TITLE> [zapps-wg] Trusted Rust build process is ready for evaluation
</TITLE>
<LINK REL="Index" HREF="/pipermail/zapps-wg/2017/index.html" >
<LINK REL="made" HREF="mailto:zapps-wg%40lists.zfnd.org?Subject=Re%3A%20%5Bzapps-wg%5D%20Trusted%20Rust%20build%20process%20is%20ready%20for%20evaluation&In-Reply-To=%3CCAKazn3msxyDmbqj-JzjRNf8aFQvga4tA_XHhH6VLLNpKh9znAA%40mail.gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<style type="text/css">
pre {
white-space: pre-wrap; /* css-2.1, curent FF, Opera, Safari */
}
</style>
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000113.html">
<LINK REL="Next" HREF="000116.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[zapps-wg] Trusted Rust build process is ready for evaluation</H1>
<B>Sean Bowe</B>
<A HREF="mailto:zapps-wg%40lists.zfnd.org?Subject=Re%3A%20%5Bzapps-wg%5D%20Trusted%20Rust%20build%20process%20is%20ready%20for%20evaluation&In-Reply-To=%3CCAKazn3msxyDmbqj-JzjRNf8aFQvga4tA_XHhH6VLLNpKh9znAA%40mail.gmail.com%3E"
TITLE="[zapps-wg] Trusted Rust build process is ready for evaluation">sean at z.cash
</A><BR>
<I>Tue Dec 5 19:44:13 EST 2017</I>
<P><UL>
<LI>Previous message (by thread): <A HREF="000113.html">[zapps-wg] Trusted Rust build process is ready for evaluation
</A></li>
<LI>Next message (by thread): <A HREF="000116.html">[zapps-wg] Trusted Rust build process is ready for evaluation
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#114">[ date ]</a>
<a href="thread.html#114">[ thread ]</a>
<a href="subject.html#114">[ subject ]</a>
<a href="author.html#114">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>That would be nice!
What other obstacles are there for fully deterministic builds? It
seems like it would be a good idea to toss a few features in (like
that one) and make some kind of &quot;release&quot; binaries for people to use
which have been scrutinized and built in this reproducible way.
I hopefully will run into some time soon where I can audit the changes
you made to the code and dependencies, play with the build, do
comparisons and so forth. This is exciting!
Sean
On Tue, Dec 5, 2017 at 5:20 PM, Devrandom &lt;<A HREF="/mailman/listinfo/zapps-wg">c1.devrandom at niftybox.net</A>&gt; wrote:
&gt;<i> Verification passed (in fact, new_challenge was identical).
</I>&gt;<i>
</I>&gt;<i> BTW, would be nice if `compute` had a flag to only take entropy from STDIN,
</I>&gt;<i> so that we can check for any differences in the response.
</I>&gt;<i>
</I>&gt;<i> On Tue, Dec 5, 2017 at 12:48 PM Devrandom &lt;<A HREF="/mailman/listinfo/zapps-wg">c1.devrandom at niftybox.net</A>&gt; wrote:
</I>&gt;&gt;<i>
</I>&gt;&gt;<i> Thank you. Will do the verification shortly.
</I>&gt;&gt;<i>
</I>&gt;&gt;<i> Also, I've updated the instructions in
</I>&gt;&gt;<i> <A HREF="https://github.com/devrandom/powersoftau/wiki/Trusted-build-instructions-via-mrustc">https://github.com/devrandom/powersoftau/wiki/Trusted-build-instructions-via-mrustc</A>
</I>&gt;&gt;<i> to use the cargo built by mrustc. This required vendoring of the
</I>&gt;&gt;<i> dependencies.
</I>&gt;&gt;<i>
</I>&gt;&gt;<i>
</I>&gt;&gt;<i> On Tue, Dec 5, 2017 at 11:24 AM Sean Bowe &lt;<A HREF="/mailman/listinfo/zapps-wg">sean at z.cash</A>&gt; wrote:
</I>&gt;&gt;&gt;<i>
</I>&gt;&gt;&gt;<i> Excellent work! :)
</I>&gt;&gt;&gt;<i>
</I>&gt;&gt;&gt;<i> new, compute, verify_transform is a good demonstration. I would
</I>&gt;&gt;&gt;<i> verify_transform with a binary compiled with the normal Rust compiler
</I>&gt;&gt;&gt;<i> to double-check.
</I>&gt;&gt;&gt;<i>
</I>&gt;&gt;&gt;<i> Sean
</I>&gt;&gt;&gt;<i>
</I>&gt;&gt;&gt;<i> On Tue, Dec 5, 2017 at 11:59 AM, Devrandom &lt;<A HREF="/mailman/listinfo/zapps-wg">c1.devrandom at niftybox.net</A>&gt;
</I>&gt;&gt;&gt;<i> wrote:
</I>&gt;&gt;&gt;<i> &gt; Hi all,
</I>&gt;&gt;&gt;<i> &gt;
</I>&gt;&gt;&gt;<i> &gt; I was able to build rustc completely from sources. This means no
</I>&gt;&gt;&gt;<i> &gt; network
</I>&gt;&gt;&gt;<i> &gt; access during the build and without any Rust distributed binaries.
</I>&gt;&gt;&gt;<i> &gt;
</I>&gt;&gt;&gt;<i> &gt; The steps are here:
</I>&gt;&gt;&gt;<i> &gt;
</I>&gt;&gt;&gt;<i> &gt;
</I>&gt;&gt;&gt;<i> &gt; <A HREF="https://github.com/devrandom/powersoftau/wiki/Trusted-build-instructions-via-mrustc">https://github.com/devrandom/powersoftau/wiki/Trusted-build-instructions-via-mrustc</A>
</I>&gt;&gt;&gt;<i> &gt;
</I>&gt;&gt;&gt;<i> &gt; I'm still looking into building a cargo binary that supports TLS, to
</I>&gt;&gt;&gt;<i> &gt; eliminate the need to download it for building powersoftau itself.
</I>&gt;&gt;&gt;<i> &gt; Worst
</I>&gt;&gt;&gt;<i> &gt; case we can use a shell script.
</I>&gt;&gt;&gt;<i> &gt;
</I>&gt;&gt;&gt;<i> &gt; Would like to merge <A HREF="https://github.com/ebfull/pairing/pull/72">https://github.com/ebfull/pairing/pull/72</A> so that
</I>&gt;&gt;&gt;<i> &gt; we
</I>&gt;&gt;&gt;<i> &gt; don't have to maintain a separate patch for Rust 1.19 compatibility.
</I>&gt;&gt;&gt;<i> &gt;
</I>&gt;&gt;&gt;<i> &gt; Sean, what is the best method of validating that the generated binary
</I>&gt;&gt;&gt;<i> &gt; works
</I>&gt;&gt;&gt;<i> &gt; correctly? Just use &quot;new&quot;, then &quot;compute&quot; and then &quot;verify_transform&quot;?
</I>&gt;&gt;&gt;<i> &gt;
</I>&gt;&gt;&gt;<i> &gt; Also, I found that the generated binary is *very* different from the
</I>&gt;&gt;&gt;<i> &gt; one
</I>&gt;&gt;&gt;<i> &gt; generated by the downloadable Rust compiler. This is somewhat
</I>&gt;&gt;&gt;<i> &gt; worrisome,
</I>&gt;&gt;&gt;<i> &gt; although it doesn't affect us if we use the mrustc path. Will spend a
</I>&gt;&gt;&gt;<i> &gt; bit
</I>&gt;&gt;&gt;<i> &gt; more time to get to the bottom of it.
</I>&gt;&gt;&gt;<i> &gt;
</I>
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message (by thread): <A HREF="000113.html">[zapps-wg] Trusted Rust build process is ready for evaluation
</A></li>
<LI>Next message (by thread): <A HREF="000116.html">[zapps-wg] Trusted Rust build process is ready for evaluation
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#114">[ date ]</a>
<a href="thread.html#114">[ thread ]</a>
<a href="subject.html#114">[ subject ]</a>
<a href="author.html#114">[ author ]</a>
</LI>
</UL>
<hr>
<a href="/mailman/listinfo/zapps-wg">More information about the zapps-wg
mailing list</a><br>
</body></html>