For usability purposes, we at Hive would like to have an auto-updater in our
wallet app.
What is a safe way to do this? I understand that Bitcoin-QT lacks such an
updater for security reasons... Has been thought out in more detail since that
decision was made?
We have been toying around with
If you want package authentication, you should at least throw in some
digital signing, not just a checksum. With a compromised host, both the
checksum and binaries can be changed undetectably, but if there's a
signature made by a key that is not kept on the host, there's no way to
fake a valid
Indeed. You can hardcode a distributor public key in the software,
and client software will only trust signed data from that key. Of
course, the private key for that data is not kept on the server
distributing the signed checksums. Ideally it would be kept offline,
and the couple-times-per-year
One approach you could use would be to use bitcoin signing on
a list of the build artifacts together with their SHA256 hashes.
If you have a look at the MultiBit release notes you get the
overall idea:
https://multibit.org/releases/multibit-0.5.13/release.txt
Currently these aren't machine
4 matches
Mail list logo
