Bitcoin developers try to improve the Bitcoin build system to stop phishing attacks

Chaincode Lab Bitcoin developer Carl Dong is working to improve the security of the Bitcoin construction system to address the "猖獗" phishing attacks that occur when users try to download the source code. The Bitcoin Network introduced Gitian Building in 2016 to standardize the build environment and support replicable builds. In other words, whenever a new update is released by the Bitcoin network, all developers and maintainers can run the Gitian Building process and end up with the same files on their computers. They can then compare the output to each other and ensure that their computers have not been hacked. But the current system is reproducible but not auditable. The changes proposed by Carl Dong will reduce the risk of third-party attacks. Developers can use smaller tools to build compilers instead of blindly downloading from third parties. The current trusted binary seed is too large to be reviewed, but the change proposed by Dong will reduce its size from 200 megabytes to around 500 bytes, and developers can easily break up the binary seed and copy the build. Dong plans to develop a pull request for Linux, Windows and macOS. Since the Linux part has been merged, he is currently working on the Windows and macOS parts of the project. He hopes to complete the entire project next year.