No Branch/Tag Specified
arm
asyncnotedecryption
danger
dev
dev-aarch64
dev-mac
dev-old-randomx
divzaddrs
dragonx
duke
freebsd
getfilterednotes
hip39
hushutils
insync
jahway603
master
mvstuff
onryo
p2p_privacy
ramhash
relaytx
rx-largepages
setbestchain
warmup
witness_cache
wolfssl
wolfssl_win
z_createrawtransaction
z_importwallet
z_signmessage
v0.11.2.z0
v0.11.2.z1
v0.11.2.z2
v0.11.2.z3
v0.11.2.z4
v0.11.2.z5
v0.11.2.z6
v0.11.2.z7
v0.11.2.z8
v0.11.2.z9
v1.0.0
v1.0.0-beta1
v1.0.0-beta2
v1.0.0-rc1
v1.0.0-rc2
v1.0.0-rc3
v1.0.0-rc4
v1.0.1
v1.0.10
v1.0.10-1
v1.0.11
v1.0.11-rc1
v1.0.12
v1.0.12-rc1
v1.0.13
v1.0.13-rc1
v1.0.13-rc2
v1.0.14
v1.0.14-rc1
v1.0.15
v1.0.15-rc1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7-1
v1.0.8
v1.0.8-1
v1.0.9
v1.1.0
v1.1.0-rc1
v1.1.1
v1.1.1-rc1
v1.1.1-rc2
v1.1.2
v1.1.2-rc1
v2.0.0
v2.0.0-rc1
v2.0.1
v3.0.0
v3.1.0
v3.1.1
v3.10.0
v3.10.1
v3.10.2
v3.2.0
v3.2.1
v3.2.1-alpha
v3.2.1-beta
v3.2.2
v3.2.3
v3.3.0
v3.3.1
v3.3.2
v3.4.0
v3.4.1
v3.5.0
v3.5.1
v3.5.2
v3.6.0
v3.6.1
v3.6.2
v3.6.3
v3.7.0
v3.7.1
v3.8.0
v3.9.0
v3.9.1
v3.9.2
v3.9.3
v3.9.4
Labels
bounty up to 500 HUSH 2001-5000 bounty
bounty between 2001 and 5000 HUSH 501-2000 bounty
bounty between 501 and 2000 HUSH arm
something doesn't work on arm beginners
for new developers bug
may or may not be a bug build
problems building documentation
not enough information feature
new feature high priority
high priority i2p
related to i2p low priority
low priority medium priority
medium priority question
something is not clear release
release label or issue related to it testing
related to testing tor
related to tor wontfix
this won't be fixed
Apply labels
Clear labels
0-500 bounty
bounty up to 500 HUSH 2001-5000 bounty
bounty between 2001 and 5000 HUSH 501-2000 bounty
bounty between 501 and 2000 HUSH arm
something doesn't work on arm beginners
for new developers bug
may or may not be a bug build
problems building documentation
not enough information feature
new feature high priority
high priority i2p
related to i2p low priority
low priority medium priority
medium priority question
something is not clear release
release label or issue related to it testing
related to testing tor
related to tor wontfix
this won't be fixed
No Label
0-500 bounty
2001-5000 bounty
501-2000 bounty
arm
beginners
bug
build
documentation
feature
high priority
i2p
low priority
medium priority
question
release
testing
tor
wontfix
Milestone
Set milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Assign users
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.
No due date set.
Dependencies
This issue currently doesn't have any dependencies.
Reference in new issue
There is no content yet.
Delete Branch '%!s(MISSING)'
Deleting a branch is permanent. It CANNOT be undone. Continue?
No
Yes
The hushd build should be reproducible. This issue will be used to keep track of various changes needed to make that happen.
More info at https://reproducible-builds.org/
As a next step, we could make a list of issues that make our build non-reproducible
@jahway603 are you aware of exactly what issues make hushd build currently non-reproducible ? How hard of a task is this?
The build always breaks when a new version of gcc is released. I can look into this further soon.
@jahway603 how does it break in regards to being reproducible ?
When gcc gets updated to a new version, the hushd code always needs to be changed to add some new header(s) for it to continue to successfully build.
This commit is an example of gcc13 fix
121ec4b9d4
This commit is an example of gcc12 fix
dd9be59e4f
I can't find the fix for gcc11 (or was it gcc10?)
@jahway603 I think that I haven't been clear in exactly what it means to be "reproducible". Your example of new versions of compilers requiring us to change Hush source code is definitely annoying, but that is orthogonal to reproducibility.
Reproducibility means the turning source code into a binary is 100% deterministic. Very common things that prevent a binary from being deterministic/reproducible are including the current time or date, the username or hostname of the bulid server, current timezone, the PATH when built, the current status of the git repo (you will see something like -dirty in the version when building manpages) and various other things. It is not related to needing to change source code because some external dependency changed.
Making code reproducible usually means changing the build system but can also require changing the code itself.
And to clarify more, reproducibility is per-architecture. We are not trying to make a Windows binary that is exactly the same as a Linux binary. We are trying to make it so that if two developers compile a Linux binary on their Linux servers, those binaries are byte-for-byte 100% exactly the same. A way to check this is that both binaries should have exactly the same SHA256.
The easiest way to get reproducible builds in Hush will be to port over how Bitcoin Core does things with Guix (which is something similar to Nix) : https://github.com/bitcoin/bitcoin/blob/master/contrib/guix/README.md
The BTC PR that added Guix support also has some interesting comments : https://github.com/bitcoin/bitcoin/pull/15277
BTC used to use a system called "Gitian" to do reproducible builds, which I helped port to Hush in The Olden Times for the old hush.git repo: https://git.hush.is/hush/hush-gitian
There are likely very good reasons why BTC Core decided to migrate away from Gitian and it's probably best for us to go with Guix vs Gitian, but if somebody wants to make a reproducible build by porting our old Gitian stuff to the new hush3.git repo, that would be better than nothing.
@jahway603 installing guix from source looks brutal but thankfully there is an AUR package and a Debian 11 or 12 package and Ubuntu package starting at 21.04