If anyone wants to try it out, it's now checks gitian.

If anyone groks GPG well, please check the code in verify_signature. The bitflags isn't super obvious, and I'm not sure there's not a way to bypass it.

I was thinking that maybe using a browser extension, similar to what TAILS uses to verify signatures, for Chromium and Firefox browsers may help people who don't use PGP.

Verify their downloads from getmonero.org if they have the extension. It's open source, to the best of my knowledge, and a fork dedicated to monero distributions may help less tech savvy people

As the currency is fungible and functions great as an Electronic Cash unlike BTC and BCH (since confidential transactions/coinjoin aren't standard practice)

Oh, and it'd nice if it could get tested by one windows person and one mac person, since there's some rewriting since platform names aren't the same between DNS records and gitian.

error: 'sleep' was not declared in this scope

Fixed (probably)

Mine says no gitian signatures found

anything I have to import ?

No.

ok -mac is -osx

Ah, the directory name is also different -_- will fix.

should really be using depends to setup the build dependencies

then GUI builds wouldn't miss these things

KiloLima: browser extensions are notoriously untrustworthy

If we talk metaphorically, these are people that have unprotected sex, and a browser extension is essentially the cheapest grade condom available on the market. Replace condom with free browser extension and unprotected sex with non-verified or verifiable downloads.

It's better than absolutely nothing and provides a veneer.

moneromooo: you don't need this runtime check github.com/moneromooo-monero/monero…ate/blob/master/src/updater.cpp#L70

just use #if defined __linux__

#if defined __aarch64__

#elif defined __arm__

#endif

#endif

anyway your if has a typo, should be __aarch64__ not __arch64__

So __aarch64__ is always v8, and __arm__ otherwise is v7 ?

yes

Is there a current min / max openssl version that is required?

Not that I know of, though you typically want something as recent as you can get.

ok both my local build and buildbot stopped building because of linking error (the ones I posted yesterday)

maybe a macOS update changed the shipping openssl version

btw, checking gcc here, aarch64 does not define arm

is what we discussed earlier in the day about the Linux GUI the reason it's not available for download right now?

What happened with Monero support on old-school TREZOR?

Was it something to do with memory constraints, so it didn't work post ring t?

rehrar: linux GUI is available

Ringct*

oh shoot, now it is.

it always was lol

I kept getting some error with downloading because the file wasn't there or something

bro, I was literally clicking my mouse as hard as I could

browser cache maybe

Ctrl shift R next time

impossibru. fresh laptop

Forced cache reload

Rehrar: X to doubt

At the moment, checking gitian requires two (or more) matches from TheCharlatan/hyc/iDunk. Two more people uploaded hashes. We want to give those people some weight, but less than people with existing history. I'm thinking of allowing any uploaded key, with count as one point, make well known people 3 points, and require, say, 6 points. So you'd need 2 established people or 6 randoms (or 1+3). Any

other idea ?

Perhaps only allow the new keys to add weight to hashes signed by known people?

So, thecharlatan posts a hash, and three new keys sign it, or hyc/idunk signs it, it goes through

But still requires at least one known person to vouch

I'm only worried about sybil/long-range sybil if we allow 6+ keys from unknown people through (as they could railroad a verification without any known people)

Basically, I see little to no benefit to letting a build be verified entirely by unknown/untrusted parties.

Wouldn’t we only merge matching keys to gitian.sigs anyway?

Matching hashes ? Yes, but someone migh be MITM the connection to github and serving fake data.

So I'll keep it that way for now (2+ known people).

TheCharlatan: btw, your signing key's expired, so your gitian sig gets ignored.

Does monero support openssl 1.1 ?

I think that’s my problem, my package manager updated to 1.1

I had 1.0.2t previously

Homebrew/homebrew-core #46876 removed 3 days ago, that explains it

It does.

Yes.

ok than maybe some cmake thing because it does not work on Mac with 1.1 :/

found the issue, monero builds with 1.1 but GUI links to 1.0