From 2a2ce612ec4ede42fc4d288056d1a32c39d94b59 Mon Sep 17 00:00:00 2001 From: SomberNight Date: Fri, 25 Mar 2022 21:26:10 +0100 Subject: [PATCH] win build: add instructions to investigate reproducibility failure --- contrib/build-wine/README.md | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/contrib/build-wine/README.md b/contrib/build-wine/README.md index 617dd9b12..8c1fd83e7 100644 --- a/contrib/build-wine/README.md +++ b/contrib/build-wine/README.md @@ -1,5 +1,4 @@ -Windows binaries -================ +# Windows binaries ✓ _These binaries should be reproducible, meaning you should be able to generate binaries that match the official releases._ @@ -29,8 +28,7 @@ similar system. -Code Signing -============ +## Code Signing Electrum Windows builds are signed with a Microsoft Authenticode™ code signing certificate in addition to the GPG-based signatures. @@ -57,8 +55,7 @@ certificate/key) and one or multiple trusted verifiers: -Verify Integrity of signed binary -================================= +## Verify Integrity of signed binary Every user can verify that the official binary was created from the source code in this repository. To do so, the Authenticode signature needs to be stripped since the signature @@ -73,3 +70,20 @@ This procedure removes the differences between the signed and unsigned binary: of 8. The script `unsign.sh` performs these steps. + +## FAQ + +### How to investigate diff between binaries if reproducibility fails? +`pyi-archive_viewer` is needed, for that run `$ pip install pyinstaller`. +As a first pass overview, run: +``` +pyi-archive_viewer -l electrum-*.exe1 > f1 +pyi-archive_viewer -l electrum-*.exe2 > f2 +diff f1 f2 > d +cat d +``` +Then investigate manually: +``` +$ pyi-archive_viewer electrum-*.exe1 +? help +```