Why reproducibility matters
The ability to reproduce and verify firmware for Passport has always existed, but in recent weeks we’ve ramped up our efforts to make it easier for anyone to be sure that the code running on their Passport exactly matches what is on Github. That culminated last month in the release of a new step-by-step guide to reproducing Passport firmware, making it easier than ever for you to verify firmware yourself, along with updates to the validation of our firmware’s reproducibility on Wallet Scrutiny.
While those resources are more of the “how” for reproducing firmware, we wanted a place to walk through the “what” and the “why” as well.
What are “reproducible builds?”
While there are many open-source projects out there today, the ability for you to validate that the binary (the actual piece that you install or run) is actually a bit-for-bit match with the code on Github is quite rare. The main reason for this is that ensuring binaries for a given project are reproducible requires a massive amount of work up front for the developers and maintainers, as well as additional documentation, maintenance, and customer support. Here at Foundation we view the trust minimization that reproducible builds bring as vital, so we’ve put in the hours to enable easy reproducible builds for everyone.
Reproducible builds allow you, the user, to build the binaries for Passport directly from the source code in a repeatable, “reproducible” way and validate the results match exactly what we ourselves publish. The way these builds actually function under the hood can differ widely from project to project, but always rely on building the binaries in exactly the same way no matter the users operating system, computer, etc. The rough process for Passport’s firmware looks like this:
- Download the source code from Github that corresponds to a specific version of firmware (i.e.
- Create a build environment that is exactly the same as ours at Foundation, using Docker
- Build the binaries directly from the source code you just downloaded from Github
- Compute a cryptographic hash for your newly built binaries and compare it to the released binaries, proving that they match exactly
Thanks to the magic of cryptography, we can compare the binaries we build with those Foundation releases by computing a hash of the binary, something that will change completely if even one bit of data is different in our binaries versus Foundation’s. This makes it trivial to compare and verify binaries, the ultimate goal of reproducible builds.
You can get a quick walk-through of what to expect in this short video of the entire process, start to finish:
Why does this matter?
The ability to not only see, read, and verify the open-source code published for Passport, but also to take it one step further and ensure that the firmware you run exactly matches that code provides the highest level of trust minimization possible. When you can be sure that the code actively running on Passport matches exactly what you would expect, it reduces the potential threat of Foundation releasing malicious firmware as there is no way for us to include code in the firmware that isn’t publicly visible and scrutinized on Github.
We don’t want you to have to trust us at all, and reproducible builds are the full embodiment of the phrase “don’t trust, verify.”
Try reproducible builds today
If this piqued your interest, you can dive in and reproduce Passport firmware yourself today! Following the guide below will take you through every step of the process:
While the guide is focused on Linux, the commands and steps will be very similar on operating systems like Windows and MacOS, and we’ve linked out to the relevant guides for dependencies on those respective operating systems.
If you do try out reproducible builds, we’d love it if you’d share your results publicly! Post the output of the process to Twitter or your favorite social media platform, tag us @FOUNDATIONdvcs, and we’d love to share your post out ourselves.