Author: Matt Corallo 2013-12-31 21:33:54
Published on: 2013-12-31T21:33:54+00:00
The Bitcoin community has a system for secure updating called gitian-downloader, but it is not being used to verify signatures of downloads. Developer Jeremy Spilman suggested using the blockchain as a way to provide forward-validation of updates, which could include identifying different release targets and corresponding platform builds. The process would involve hard-coding a public key into the client and checking a signature on new binaries or as complex as announcing updates in the UI and providing a button for users to verify the binary matches its expected hash. While this would not provide any benefit if the wallet software is already compromised, it would allow trusted automatic update notification and a trusted way to deliver the expected hashes. However, formalizing the release process around a set of privkeys may raise its own set of questions. In terms of downloading the upgrade itself, there is debate over whether to announce availability on the blockchain leading to a BitTorrent magnet link or whether to add an entire BitTorrent stack into the wallet. It was also noted that increasing the use of signature checking through SSL would improve Drak's threat model. Discussions are ongoing within the Bitcoin-development mailing list.
Updated on: 2023-05-19T17:52:07.495899+00:00