Bootstrappable builds
Do you know how to make yoghurt? The first step is to add yoghurt to milk! How can you build a compiler like
GCC
? The first step is to get a compiler that can compile the compiler.
Compilers are often written in the language they are compiling.
This creates a chicken-and-egg problem that leads users and distributors to rely on opaque, pre-built binaries of those compilers that they use to build newer versions of the compiler.
To gain trust in our computing platforms, we need to be able to tell how each part was produced from source.
We believe that opaque binaries are a threat to user security and user freedom since they are not auditable;
our goal is to minimize the amount of bootstrap binaries.
Benefits
This is nice, but what are the
actual
benefits of “bootstrappable” implementations?
Find out what additional benefits
there are to achieving bootstrappable builds.
Best practices
Are you developing or contributing to software that is affected by the bootstrapping problem?
Here we list
best practices and practical examples
that can help you pull yourself up by your own bootstraps.
Collaboration projects
Solving bootstrapping problems in existing compilers and build systems requires collaboration.
Here is a
list of long-term high-impact projects
that we would like to work on collaboratively.
More projects and status updates can be found
on the bootstrapping wiki
Join the
mailing list
and/or the
IRC channel #bootstrappable
on libera.chat for news and communication!
Further reading
Ken Thompson's acceptance speech for the 1983 Turing Award:
Reflections on trusting trust
Toy example of a subverted rust compiler
What is a coder's worst nightmare?
Defending Against Compiler-Based Backdoors
Deniable Backdoors Using Compiler Bugs