
I find Lunduke's reasoning quite plausible here: https://x.com/LundukeJournal/status/1986142018418966545
A self-hosting compiler is an existential threat to the Bitcoin community. If a zero-day hidden in a compiler (which happens to be maintained by communists) hits us, we're fucked.
Are measures being taken on projects like LDK, LNDK, or Ord to name a few? What options does the Bitcoin community have?
121 sats \ 0 replies \ @k00b 4h
Ideally we'd have a bootstrappable build like this guy was working on.
reply
Trust is key.
Determining which software developers can be trusted is challenging.
What makes that determination easier... is when software developers tell you, point blank, that you cannot trust them.
It then continues to make assertions about what actions from developers would implicitly point to "them telling you that you cannot trust them". But a trustworthy dev would:
  1. Tell you straight to not trust them, and
  2. Point you to the process they have in place and ask you for feedback on that
The problematic assertion though is their first. "Trust" as depicted here has nothing to do with actual trust, it's to do with not doing your due diligence. Because if the (political) behavior of individual developers or even groups of them influences your trust in the product, then you're approaching this the wrong way; either because you don't have the skills, or because you don't want to spend time.
The reason for that is that trust is earned and therefore it's more efficient to trust a process, and not an individual, as individuals have higher churn than (established/institutionalized) processes. The way a process gets trust is because you audit the process and in open source, ideally you do that by participating in it.
What options does the Bitcoin community have?
Participate in their development process. Don't trust, verify.
reply
100 sats \ 2 replies \ @Row OP 53m
What options does the Bitcoin community have? Participate in their development process. Don't trust, verify.
Check Ken Thompson's "Reflections on Trusting Trust".
Audits are out of the question; the problem is precisely that since the compiler is self-hosted, such an attack is not easily auditable. The scheme can hide malicious code without requiring any change to be published in the source, so you'd have to audit each and every binary release of the compiler.
It would be kind of solved with a second Rust compiler.
reply
0 sats \ 1 reply \ @optimism 43m
"Reflections on Trusting Trust"
I'm familiar with it.
It would be kind of solved with a second Rust compiler.
Only if you use it.
reply
0 sats \ 0 replies \ @Row OP 38m
I'm familiar with it. It would be kind of solved with a second Rust compiler. Only if you use it.
That's the point, having a second compiler would allow you as an auditor to perform the cross-check.
In the current state, you can't, and have to resort to auditing every single binary.
reply
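The cross-check @Row is describing is what David A. Wheeler formalised as diverse double-compiling (DDC): compile the compiler's source with an independent, trusted second compiler, use the result to compile the same source again, and compare that output with the binary you were handed. The following is an added example, not code from this thread or from any Rust project; it is a constructed toy model in which "binaries" are tuples of opcodes and the two "compilers" are simulated, so it runs offline and shows why the self-rebuild alone proves nothing while a second compiler does.

```python
"""Toy model of Thompson's self-propagating compiler trojan and of the
diverse double-compiling (DDC) cross-check.  Constructed example: the
source language, the opcodes and both compilers are simulated, not rustc."""

TRANSLATE_INPUT = "TRANSLATE_INPUT"    # the honest translation step
TROJAN_SELF = "TROJAN_SELF"            # re-insert the trojan when compiling the compiler
TROJAN_LOGIN = "TROJAN_LOGIN"          # insert a backdoor when compiling 'login'
BACKDOOR = "ACCEPT_BACKDOOR_PASSWORD"

# Constructed source texts.  Note the compiler's own source is clean:
# auditing it reveals only the honest translation step.
COMPILER_SRC = "program compiler\n  translate input\n"
LOGIN_SRC = "program login\n  check password\n"


def program_name(source: str) -> str:
    return source.splitlines()[0].split()[1]


def translate(source: str) -> tuple:
    """Honest compilation: every body line becomes one opcode."""
    lines = [l.strip() for l in source.splitlines() if l.strip()]
    return tuple(l.upper().replace(" ", "_") for l in lines[1:])


def run_compiler(compiler_bin: tuple, source: str) -> tuple:
    """Execute a compiler *binary* on a source text.

    The trojan lives only in the binary: if the binary carries the trojan
    opcodes it re-emits them whenever it compiles the compiler itself and
    plants a backdoor whenever it compiles 'login'.  Nothing in COMPILER_SRC
    hints at this behaviour, which is Thompson's point.
    """
    if TRANSLATE_INPUT not in compiler_bin:
        raise ValueError("not a compiler binary")
    out = list(translate(source))
    name = program_name(source)
    if TROJAN_SELF in compiler_bin and name == "compiler":
        out += [TROJAN_SELF, TROJAN_LOGIN]
    if TROJAN_LOGIN in compiler_bin and name == "login":
        out.append(BACKDOOR)
    return tuple(out)


# What an honest build of COMPILER_SRC looks like, and a trojaned copy of it.
CLEAN_COMPILER = translate(COMPILER_SRC)                 # ("TRANSLATE_INPUT",)
TROJANED_COMPILER = CLEAN_COMPILER + (TROJAN_SELF, TROJAN_LOGIN)
# An independent implementation of the same language (assumed trustworthy,
# or at least not trojaned in the same way).  Its binary differs from A.
SECOND_COMPILER = ("VENDOR_B_PROLOGUE", TRANSLATE_INPUT)


def self_rebuild(compiler_bin: tuple) -> tuple:
    """Rebuild the compiler from its own (clean) source using itself."""
    return run_compiler(compiler_bin, COMPILER_SRC)


def ddc_check(suspect_bin: tuple, trusted_bin: tuple,
              compiler_src: str = COMPILER_SRC) -> bool:
    """Diverse double-compiling (Wheeler).

    stage1 = compiler_src compiled by the trusted compiler T
    stage2 = compiler_src compiled by stage1
    If the suspect binary A really is a self-compilation of compiler_src
    (and the build is deterministic), stage2 must equal A bit for bit.
    In a real toolchain stage1 differs from A because T generates different
    code; the second compile removes that difference, which is why two
    rounds are needed.
    """
    stage1 = run_compiler(trusted_bin, compiler_src)
    stage2 = run_compiler(stage1, compiler_src)
    return stage2 == suspect_bin


if __name__ == "__main__":
    # The trojan survives a rebuild from clean source: auditing the source
    # and rebuilding with the shipped binary detects nothing.
    print("rebuild preserves trojan:", self_rebuild(TROJANED_COMPILER) == TROJANED_COMPILER)
    print("login gets backdoor:", BACKDOOR in run_compiler(TROJANED_COMPILER, LOGIN_SRC))
    # Only a genuinely different second compiler exposes the mismatch.
    print("DDC on clean binary:", ddc_check(CLEAN_COMPILER, SECOND_COMPILER))
    print("DDC on trojaned binary:", ddc_check(TROJANED_COMPILER, SECOND_COMPILER))
    print("DDC using the suspect as 'trusted':", ddc_check(TROJANED_COMPILER, TROJANED_COMPILER))
```

Two caveats the model makes visible: the check is only as good as the independence of the second compiler (feeding the suspect binary in as its own "trusted" compiler passes trivially, which is @optimism's "only if you use it"), and it requires the self-compilation to be deterministic, since any non-reproducible byte would show up as a false mismatch.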
0 sats \ 5 replies \ @Nodii 4h
reply
Haha @joshmo_dev's reply to this unhinged paranoia rant is most apt.
The Rust compiler is also a community-maintained open-source project, with 148 contributors. The risk of a back-door slipping in with nobody knowing is as low as it is for any project. The motivation to move to Rust is because it has many benefits over other languages, especially for performance and security.
reply
0 sats \ 2 replies \ @Nodii 4h
You don't happen to be one of the 148, right? If you are, why haven't you disclosed it? And if you aren't, do you even know one of those 148?
reply
No to all; I just looked at their Github. Knowing them is irrelevant. Think of how many millions of people have been involved in the tech stack transmitting your every keystroke from your fingers through the Internet to this retarded thread.
reply
0 sats \ 0 replies \ @Row OP 2h
You don't understand the problem. Please study computer science, or at least get "Reflections on Trusting Trust".
reply
0 sats \ 0 replies \ @Row OP 4h
Learn computer science please.
reply
0 sats \ 0 replies \ @panter 4h
Satanic :(
reply
Alt link, for those who don't want to be on X: https://xcancel.com/LundukeJournal/status/1986142018418966545
reply