BitBox02: Reproducible builds

Table of contents

  1. Why reproducible builds?
  2. What you can do

Why reproducible builds?

Whilst anyone can inspect the source code of open source software for malicious flaws how can you be certain that the binary built from that public source code is actually on your device?

Reproducible builds, also known as deterministic compilation, is a process of compiling firmware in a way that is reproducible, i.e. results in the exact same binary. By building the binary yourself and comparing the resulting checksum to the one we calculated you confirm that the binaries are identical.

What you can do

Please follow the README in the BitBox02 firmware repository: https://github.com/digitalbitbox/bitbox02-firmware/tree/master/releases