Issue Details

Number

29914

Title

RFC: In guix compile the GUI sequentially from everything else?

Description

Compiling the GUI pulls in quite a few dependencies, which could theoretically include backdoors that are leaked into bitcoind (or other non-GUI utils) as well. A possible mitigation would be to compile the GUI in a separate guix container from the rest of the binaries. The downside would be that the node library, and the `depends` dependencies of the node library would have to be compiled twice, but the overhead may be worth it? (I won't be working on this, but I wanted to keep track of this in a brainstorming issue, as the topic has repeatedly come up)

URL

https://github.com/bitcoin/bitcoin/issue/29914

Closed by

Notes

Attention of

Kill Factor (1-10)

Save

Back to List