WalletWasabi: Deterministic build fails

@nopara73 merged https://github.com/zkSNACKs/WalletWasabi/pull/3872 so with the package.lock file the exact version of every dependency can be controlled. A couple of issues raised by this and unfortunately it did not solve the original problem, that the deterministic build is not working.

However, after running the packager on windows the lock files grown so I added the changes:

https://github.com/zkSNACKs/WalletWasabi/pull/4075 https://github.com/zkSNACKs/WalletWasabi/pull/4074

  • Seemingly if you run publish on different platforms, more and more dependency hashes added.
  • If you add /p:RestoreLockedMode=true here it will fail as “hash inconsistency”. When I was running the Packager as it is now in the source, without locked mode, I saw that the package.lock files were modified meanwhile the build and only at the end were the same like in the current master. So donet publish is manipulating the lock file according to the runtime platform.

I uploaded some files here to compare the differences

AfterRunningPackager.zip -> the first phase of the packager basically just publish the files and get them ready for packing and signing.

WithOnlyBinaries.zip -> Just ran onlybinaries right after creating the zip above.

Here are the files: https://github.com/molnard/WalletWasabi/releases/tag/v1.1.12rc3

commit b7608c3ef366cc6200e93cca6f74d0497cf37083

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 15

Most upvoted comments

Status report

I followed this guide: https://github.com/zkSNACKs/WalletWasabi/blob/master/WalletWasabi.Documentation/Guides/DeterministicBuildGuide.md

By fixing this https://github.com/zkSNACKs/WalletWasabi/issues/4090 the situation improved a lot.

Windows

Zero difference

Linux

Zero difference, just line endings in SOS_README.TXT

image

macOS

Many differences in the binaries. According to Apple documentation, the signature that is used to ensure the integrity of the software is added into the binary itself.

If the code is universal, the object code for each slice (architecture) is signed separately. This signature is stored within the binary file itself.

Source

According to this, it is impossible to have a deterministic build and code signature on macOS.

image

+2
molnard on Aug 4, 2020

Those warnings are because of end_of_line=lf in the editorconfig which was changed in #3799

I think it’s more like thanks to git setting: core.autocrlf (https://www.git-scm.com/book/en/v2/Customizing-Git-Git-Configuration).

+1
kiminuo on Jul 30, 2020

@molnard Could you somehow summarize what’s current status after those two PRs? What is the next issue?

+1
kiminuo on Jul 30, 2020
Read more comments on GitHub
← WalletWasabi: Crash, when hoovering over coinjoin UTXO list.
WalletWasabi: Error recovering wallet implies wallet already exists, even after deleting →