Author: Jeremy Spilman 2013-12-31 21:25:40
Published on: 2013-12-31T21:25:40+00:00
It appears that the dedicated server under which the site was moved temporarily had melted down under load. Despite this, the offer still stands. In order to provide forward-validation of updates using blockchain, an approach could be taken whereby it's up to the user to verify the provenance of the binaries/source the first time they install the wallet. From that point onward, detection and validation of updates could be made easier. A simple way to do this would involve hard-coding a public key into the client and checking a signature on the new binaries, whereas a more rigorous approach would identify all the various releases in terms of a BIP32 xpubkey whose branches would correspond to the different release trains and platform builds. Announcing availability on the blockchain could lead to a BitTorrent magnet link, but objections have been raised against adding an entire BitTorrent stack into a wallet.Although formalizing the release process around a set of privkeys (or split shares of keys) may raise questions, this approach provides trusted automatic update notification and a trusted way to deliver the expected hashes. It also has the potential to resolve some of the consternation around when a release is truly "released". The download itself could possibly be hosted on AppEngine or something else that can handle both high load and TLS.
Updated on: 2023-06-07T21:57:42.636561+00:00