
Securing Bitcoin Core with Blockstack - muneeb
https://lightco.in/2016/08/18/securing-bitcoin-core/
======
muneeb
There is an on-going discussion on r/bitcoin re this post where some Bitcoin
Core developers are commenting on the post. Worth checking out:
[https://www.reddit.com/r/Bitcoin/comments/4yhhe1/securing_bi...](https://www.reddit.com/r/Bitcoin/comments/4yhhe1/securing_bitcoin_core_releases_with_blockstack_a)

------
ISL
Regarding this particular attack, isn't it addressed by reproducible builds?

If the bitcoin software binaries are being replaced by nefarious actors, the
hashes would conflict by those generated by source compilation. Is there a
reason this doesn't work?

~~~
TD-Linux
No, that works fine, and Bitcoin Core uses reproducible builds signed by many
different people. The post seems to be attempting to address the chain of
trust of the PGP keys instead, but whether it succeeds at doing so is
questionable. Certainly if a "blockstack id" can only be owned by one person,
it's worse.

------
jlrubin
This seems to not solve the problem for a variety of reasons, probably most
trivially if Bitcoin is compromised you can't use Bitcoin to check if Bitcoin
is compromised, so you need other software to validate the chain.

~~~
shea256
The assumption is there are nodes already running from previous releases.

