Author: Gregory Maxwell 2012-06-11 20:43:20
Published on: 2012-06-11T20:43:20+00:00
In a discussion about the use of BerkeleyDB (BDB) in Bitcoin, Mike Hearn raised concerns about BDB's poor inter-version compatibility and its lack of space efficiency. He also pointed out that BDB files are not deterministic, which is a problem for read-only pruned indexes.

Another user joked about Hearn's comment and then pointed out that even if a more complex scheme is used to commit binaries to the blockchain, someone still needs to verify that the binaries match the source. The binaries distributed by bitcoin.org are already compiled deterministically and validated by multiple independent parties. In the future, an update downloader tool will be implemented that checks for N approvals before accepting an update. This will create a chain of custody that ties the actual binaries people fetch to specific source code, making substitution attacks detectable in theory. The possibility of Ken Thompson's compiler attack remains, though it can be largely mitigated.
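One way an updater could enforce the N-approval rule described above, as an added example that is not code from Bitcoin or from the discussion. It assumes each builder signs the SHA-256 digest of their deterministic build with Ed25519; the `Approval` type, the function names and the builder names are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Approval is one builder's signed claim that their build has this digest.
type Approval struct {
	Signer string   // hypothetical builder name, key into the trusted set
	Digest [32]byte // SHA-256 of the binary the builder produced
	Sig    []byte   // Ed25519 signature over Digest (assumed scheme)
}

// CountApprovals counts distinct trusted builders who signed the digest of
// the binary that was actually downloaded.
func CountApprovals(binary []byte, trusted map[string]ed25519.PublicKey, approvals []Approval) int {
	want := sha256.Sum256(binary)
	seen := map[string]bool{}
	for _, a := range approvals {
		pub, ok := trusted[a.Signer]
		// Skip unknown signers, repeat votes and approvals of other binaries.
		if ok && !seen[a.Signer] && a.Digest == want && ed25519.Verify(pub, a.Digest[:], a.Sig) {
			seen[a.Signer] = true
		}
	}
	return len(seen)
}

// AcceptUpdate enforces the N-approval threshold; n must be positive.
func AcceptUpdate(binary []byte, trusted map[string]ed25519.PublicKey, approvals []Approval, n int) bool {
	return n > 0 && CountApprovals(binary, trusted, approvals) >= n
}

// Sign builds an approval for sample data (what a builder would publish).
func Sign(name string, priv ed25519.PrivateKey, binary []byte) Approval {
	d := sha256.Sum256(binary)
	return Approval{name, d, ed25519.Sign(priv, d[:])}
}

func main() {
	release := []byte("constructed sample release bytes")
	trusted, approvals := map[string]ed25519.PublicKey{}, []Approval{}
	for _, name := range []string{"builder-a", "builder-b", "builder-c"} {
		pub, priv, _ := ed25519.GenerateKey(nil)
		trusted[name] = pub
		approvals = append(approvals, Sign(name, priv, release))
	}
	fmt.Println(AcceptUpdate(release, trusted, approvals, 3), AcceptUpdate([]byte("substituted"), trusted, approvals, 1))
}
```

The check only ties the downloaded bytes to what the builders produced; it relies on the builds being deterministic so that independent builders arrive at the same digest.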
Updated on: 2023-05-19T00:39:39.745891+00:00