In this episode of “The Van Wirdum Sjorsnado,” hosts Aaron van Wirdum and Sjors Provoost discussed why it matters that Bitcoin software is open source and why even open-source software doesn’t necessarily solve all software-specific trust issues.

Furthermore, even if the open-source code is sound, this doesn’t guarantee that the binaries (the compiled computer code) really correspond to the open-source code. Van Wirdum and Provoost explain how this risk is largely mitigated in Bitcoin through a process called Gitian building, where several Bitcoin Core developers sign the binaries if, and only if, they all produced the exact same binaries from the same source code. This requires special compiler software.

Finally, the hosts discuss Guix, a relatively new project that goes above and beyond the Gitian process to minimize the level of trust required to turn source code into binaries — including trust in the compiler itself.
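
The "sign if, and only if, they all produced the exact same binaries" rule can be shown as a check a downloader might run over per-builder hash manifests. This is an added example, not code from the podcast or from Bitcoin Core. The sha256sum-style manifest format, the builder names, the file name and the `min_builders` threshold are constructed assumptions, and each manifest's signature is assumed to have been verified beforehand.

```python
import hashlib
from collections import defaultdict

# Constructed sample data: one sha256sum-style manifest per builder.
FILENAME = "wallet-1.0-x86_64-linux.tar.gz"   # hypothetical artifact name
ARTIFACT = b"constructed release archive bytes"
GOOD = hashlib.sha256(ARTIFACT).hexdigest()
BAD = hashlib.sha256(b"same source, different build output").hexdigest()
MANIFESTS = {
    "builder-a": f"{GOOD}  {FILENAME}\n",
    "builder-b": f"{GOOD}  {FILENAME}\n",
    "builder-c": f"{GOOD}  {FILENAME}\n",
}

def parse_manifest(text):
    """Return {filename: hex digest} from sha256sum-style lines."""
    entries = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        digest, name = line.split(None, 1)
        name = name.strip().lstrip("*")      # "*" marks binary mode in sha256sum
        if len(digest) != 64 or any(c not in "0123456789abcdef" for c in digest):
            raise ValueError(f"malformed digest for {name!r}")
        entries[name] = digest
    return entries

def check_release(manifests, filename, data, min_builders=3):
    """Accept `data` only if every builder reported the same digest for
    `filename`, at least `min_builders` did so, and `data` hashes to it.
    Returns (accepted, {digest: [builders]}) so dissenters can be inspected."""
    votes = defaultdict(list)
    for builder, text in manifests.items():
        digest = parse_manifest(text).get(filename)
        votes[digest].append(builder)        # digest None: builder did not attest
    if len(votes) != 1 or None in votes:
        return False, dict(votes)            # disagreement or missing attestation
    (digest, builders), = votes.items()
    if len(builders) < min_builders:
        return False, dict(votes)            # too few independent builds
    return hashlib.sha256(data).hexdigest() == digest, dict(votes)
```

A single dissenting builder makes the check fail and shows up under its own digest in the returned mapping, which is the signal that the build was not reproduced.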