trezor-firmware
trezor-firmware copied to clipboard
Published
20 hours ago •
trezor
trezor
docs: update reproducibility instructions
fixes #3418 fixes #4254
@bosomt please try reproducible builds based on these instructions @Hannsek please review in terms of readability
QA OK
- builded 2.8.3 firmwares from repo
ddsignaturessha256sumboth files- same results
❯ dd if=/dev/zero of=trezor-t3t1-2.8.3.bin bs=1 seek=1983 count=65 conv=notrunc
65+0 records in
65+0 records out
65 bytes transferred in 0.000830 secs (78313 bytes/sec)
❯ dd if=/dev/zero of=firmware-T3T1-2.8.3-7f373ae71.bin bs=1 seek=1983 count=65 conv=notrunc
65+0 records in
65+0 records out
65 bytes transferred in 0.001209 secs (53763 bytes/sec)
❯ sha256sum trezor-t3t1-2.8.3.bin
83677f634f29e0f066153b599c25a8047729608d555f4c289b91df726472fd5d trezor-t3t1-2.8.3.bin
❯ sha256sum firmware-T3T1-2.8.3-7f373ae71.bin
83677f634f29e0f066153b599c25a8047729608d555f4c289b91df726472fd5d firmware-T3T1-2.8.3-7f373ae71.bin
I can confirm that version 2.8.3 is reproducible. I have updated my review in walletscrutiny, and would close issue 4254 once this is merged. Asciicast in YouTube for Trezor Safe 5 v2.8.3
Built from commit 39565d3970deb9d696217cda793dc467f2a8e3e5
Fingerprints:
02826539b47dd30ce99a769666639e5e92290c58c417f53359ce52c6dc68522b build/core-R/bootloader/bootloader.bin
bb0532e2378196b878eb7b5c50597b563eacbdb950d488409d940252cce450a4 build/core-R/firmware/firmware.bin
02826539b47dd30ce99a769666639e5e92290c58c417f53359ce52c6dc68522b build/core-R-bitcoinonly/bootloader/bootloader.bin
81c6c3a67ca2a04e9b6b0068a96c2db1e77c6cc972188d178f588c7cdb5ffd32 build/core-R-bitcoinonly/firmware/firmware.bin
819445f377568988110fe797f9163a903e48dda21c88054f686a55a5026ce819 build/core-T/bootloader/bootloader.bin
04626fe134c93f072d982c125055f14c47dba4a4671fa1b5e69a08d4a0da55f7 build/core-T/firmware/firmware.bin
819445f377568988110fe797f9163a903e48dda21c88054f686a55a5026ce819 build/core-T-bitcoinonly/bootloader/bootloader.bin
b0160661b3c87886dbb32d9dfa5a6220d7ea6af7c9f46b4d5ce2d37f0c6740d2 build/core-T-bitcoinonly/firmware/firmware.bin
dfabe8b10368f268cedaa505e284192329f489519dd71feb5fba7d610ef748fc build/core-T3T1/bootloader/bootloader.bin
0de51126c17cc0ac623800638dc851c0abd5b787cad5f3aa5843ea2c4cf8248a build/core-T3T1/firmware/firmware.bin
dfabe8b10368f268cedaa505e284192329f489519dd71feb5fba7d610ef748fc build/core-T3T1-bitcoinonly/bootloader/bootloader.bin
9eaf99a9420d2a3b9377102eb06b938f5a1886ecb06cccde7fd3cb7a39e1abd7 build/core-T3T1-bitcoinonly/firmware/firmware.bin
Hash of non-signature parts downloaded/compiled standard:
65+0 records in
65+0 records out
65 bytes copied, 0.000146538 s, 444 kB/s
83677f634f29e0f066153b599c25a8047729608d555f4c289b91df726472fd5d trezor-t3t1-2.8.3.bin.zeroed
83677f634f29e0f066153b599c25a8047729608d555f4c289b91df726472fd5d build/core-T3T1/firmware/firmware.bin
Hash of non-signature parts downloaded/compiled bitcoinonly:
65+0 records in
65+0 records out
65 bytes copied, 0.000173488 s, 375 kB/s
13273f77e41c92755ab210a28fec9b54dc9df08af96c66caeb552b48028458aa trezor-t3t1-2.8.3-bitcoinonly.bin.zeroed
13273f77e41c92755ab210a28fec9b54dc9df08af96c66caeb552b48028458aa build/core-T3T1-bitcoinonly/firmware/firmware.bin
Hash of the signed firmware:
9f68696478e09d7bf8b8f5181413d8a5386b37571dc2f5ed8511a24f4c1d35b7 trezor-t3t1-2.8.3.bin
49996a1a602f08809427cf3b959f3c70eeef1fcfd45f267bd6d058496a4cc37e trezor-t3t1-2.8.3-bitcoinonly.bin
