Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Please provide verifiable builds #24

Open
Giszmo opened this issue Jan 29, 2020 · 2 comments
Open

Please provide verifiable builds #24

Giszmo opened this issue Jan 29, 2020 · 2 comments

Comments

@Giszmo
Copy link

Giszmo commented Jan 29, 2020

Your FAQ claims

Do you provide deterministic builds? Since we need to distribute the app via the App Store that is not possible. The source is however available on our Github so that anyone can review and compile it.

Could you please elaborate?

Verifiable builds are maybe a bit a lower standard than fully deterministic builds in the sense that the signature also has to be reproducible but for what it's worth, due to the lack of documentation I also failed to compile the app at all. Maybe you can help me out. Here are my detailed findings.
@Giszmo
Copy link
Author

Giszmo commented Mar 29, 2020

Is there any update on your build instructions?

@emanuelb
Copy link

emanuelb commented Jun 2, 2021

Regarding build instructions, see Containerfile:
(which require before calling yarn install to apply the patch in issue: #65 or change the NODE_ENV to development)

FROM frolvlad/alpine-glibc

RUN set -ex; \
    apk update; \
    apk add --no-cache \
        git \
        yarn \	
        openjdk8; \
    adduser -D appuser;

USER appuser

ENV ANDROID_SDK_ROOT="/home/appuser/app/sdk" \
    ANDROID_HOME="/home/appuser/app/sdk" \
    NODE_ENV="production"

RUN set -ex; \
    mkdir -p "/home/appuser/app/sdk/licenses" "/home/appuser/app/wallet/"; \
    printf "\n24333f8a63b6825ea9c5514f83c2829b004d1fee" > "/home/appuser/app/sdk/licenses/android-sdk-license"; \
    cd /home/appuser/app/wallet/; \
    wget https://github.com/COINiD/COINiDWallet/archive/refs/tags/v1.8.0.zip; \
    echo "f15f1586b8839f3e017b429792e5f07ff3aad30585386abe93bf5a863c3517cc  v1.8.0.zip" | sha256sum -c; \
    unzip v1.8.0.zip; \
    rm v1.8.0.zip; \
    cd /home/appuser/app/wallet/COINiDWallet-1.8.0/; \
# Apply patch for issue 65 here, see https://github.com/COINiD/COINiDWallet/issues/24 for more details. ; \
    yarn install; \
    rm -rf ./node_modules/graceful-fs/; \
    cd /home/appuser/app/wallet/COINiDWallet-1.8.0/node_modules/; \
    wget https://github.com/isaacs/node-graceful-fs/archive/refs/heads/master.zip; \
    unzip master.zip; \
    rm master.zip; \
    mv /home/appuser/app/wallet/COINiDWallet-1.8.0/node_modules/node-graceful-fs-master/ /home/appuser/app/wallet/COINiDWallet-1.8.0/node_modules/graceful-fs/; \
    echo -e "#!/bin/sh\n/bin/true" > /home/appuser/app/wallet/COINiDWallet-1.8.0/node_modules/@react-native-community/cli/setup_env.sh; \
    cd /home/appuser/app/wallet/COINiDWallet-1.8.0/android/; \
    keytool -genkey -alias coinid_alias -keystore app/coinid.pfx -storetype PKCS12 -keyalg RSA -keysize 4096 -storepass coinid_alias -keypass coinid_alias -validity 10000 -dname CN=IL; \
    echo -e "\nCOINID_RELEASE_STORE_FILE=coinid.pfx\nCOINID_RELEASE_STORE_PASSWORD=coinid_alias\nCOINID_RELEASE_KEY_PASSWORD=coinid_alias\nCOINID_RELEASE_KEY_ALIAS=coinid_alias\n\n" >> gradle.properties; \
    ./gradlew assembleRelease

Opened issues:
for diffs in PNGs #63
to being able to compile the app in node production mode: #65 (patch included)
There are other diffs which I didn't look into them , the provider don't respond to my issues here on github...

diffs are:

Files ./LocalBuild/AndroidManifest.xml and ./GooglePlay/AndroidManifest.xml differ
Files ./LocalBuild/assets/index.android.bundle and ./GooglePlay/assets/index.android.bundle differ
Files ./LocalBuild/classes.dex and ./GooglePlay/classes.dex differ
Files ./LocalBuild/META-INF/CERT.RSA and ./GooglePlay/META-INF/CERT.RSA differ
Files ./LocalBuild/META-INF/CERT.SF and ./GooglePlay/META-INF/CERT.SF differ
Files ./LocalBuild/META-INF/MANIFEST.MF and ./GooglePlay/META-INF/MANIFEST.MF differ
Files ./LocalBuild/res/drawable/gradient.png and ./GooglePlay/res/drawable/gradient.png differ
Files ./LocalBuild/res/drawable-anydpi-v21/ic_launcher_foreground.xml and ./GooglePlay/res/drawable-anydpi-v21/ic_launcher_foreground.xml differ
Files ./LocalBuild/res/drawable-anydpi-v24/$ic_launcher_background__0.xml and ./GooglePlay/res/drawable-anydpi-v24/$ic_launcher_background__0.xml differ
Files ./LocalBuild/res/drawable-anydpi-v24/ic_launcher_background.xml and ./GooglePlay/res/drawable-anydpi-v24/ic_launcher_background.xml differ
Files ./LocalBuild/res/drawable-hdpi-v4/ic_launcher_background.png and ./GooglePlay/res/drawable-hdpi-v4/ic_launcher_background.png differ
Files ./LocalBuild/res/drawable-ldpi-v4/ic_launcher_background.png and ./GooglePlay/res/drawable-ldpi-v4/ic_launcher_background.png differ
Files ./LocalBuild/res/drawable-mdpi-v4/ic_launcher_background.png and ./GooglePlay/res/drawable-mdpi-v4/ic_launcher_background.png differ
Files ./LocalBuild/res/drawable-xhdpi-v4/ic_launcher_background.png and ./GooglePlay/res/drawable-xhdpi-v4/ic_launcher_background.png differ
Files ./LocalBuild/res/drawable-xxhdpi-v4/ic_launcher_background.png and ./GooglePlay/res/drawable-xxhdpi-v4/ic_launcher_background.png differ
Files ./LocalBuild/res/drawable-xxxhdpi-v4/ic_launcher_background.png and ./GooglePlay/res/drawable-xxxhdpi-v4/ic_launcher_background.png differ
Files ./LocalBuild/res/mipmap-hdpi-v4/ic_launcher.png and ./GooglePlay/res/mipmap-hdpi-v4/ic_launcher.png differ
Files ./LocalBuild/res/mipmap-hdpi-v4/ic_launcher_round.png and ./GooglePlay/res/mipmap-hdpi-v4/ic_launcher_round.png differ
Files ./LocalBuild/res/mipmap-hdpi-v4/logo.png and ./GooglePlay/res/mipmap-hdpi-v4/logo.png differ
Files ./LocalBuild/res/mipmap-mdpi-v4/ic_launcher.png and ./GooglePlay/res/mipmap-mdpi-v4/ic_launcher.png differ
Files ./LocalBuild/res/mipmap-mdpi-v4/ic_launcher_round.png and ./GooglePlay/res/mipmap-mdpi-v4/ic_launcher_round.png differ
Files ./LocalBuild/res/mipmap-mdpi-v4/logo.png and ./GooglePlay/res/mipmap-mdpi-v4/logo.png differ
Files ./LocalBuild/res/mipmap-xhdpi-v4/ic_launcher.png and ./GooglePlay/res/mipmap-xhdpi-v4/ic_launcher.png differ
Files ./LocalBuild/res/mipmap-xhdpi-v4/ic_launcher_round.png and ./GooglePlay/res/mipmap-xhdpi-v4/ic_launcher_round.png differ
Files ./LocalBuild/res/mipmap-xhdpi-v4/logo.png and ./GooglePlay/res/mipmap-xhdpi-v4/logo.png differ
Files ./LocalBuild/res/mipmap-xxhdpi-v4/ic_launcher.png and ./GooglePlay/res/mipmap-xxhdpi-v4/ic_launcher.png differ
Files ./LocalBuild/res/mipmap-xxhdpi-v4/ic_launcher_round.png and ./GooglePlay/res/mipmap-xxhdpi-v4/ic_launcher_round.png differ
Files ./LocalBuild/res/mipmap-xxhdpi-v4/logo.png and ./GooglePlay/res/mipmap-xxhdpi-v4/logo.png differ
Files ./LocalBuild/res/mipmap-xxxhdpi-v4/ic_launcher.png and ./GooglePlay/res/mipmap-xxxhdpi-v4/ic_launcher.png differ
Files ./LocalBuild/res/mipmap-xxxhdpi-v4/ic_launcher_round.png and ./GooglePlay/res/mipmap-xxxhdpi-v4/ic_launcher_round.png differ
Files ./LocalBuild/res/mipmap-xxxhdpi-v4/logo.png and ./GooglePlay/res/mipmap-xxxhdpi-v4/logo.png differ
Files ./LocalBuild/resources.arsc and ./GooglePlay/resources.arsc differ

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Giszmo @emanuelb