Replying to semisol

While nostr:npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8 complains about Pi’s “unverifiable GPU code”, their own devices have the same equivalent, except you can’t even see the blob to compare with others

(you must trust the bootloader to provide you a hash, what could go wrong)

🤔

Response nostr:npub132ertlsrunh600cph2au55ssmel2cqdt5mnrpxfand5ych4nmp8q50zmdh ?


Discussion

Unlike Raspberry Pi, we wrote the coldcard bootloader, it's fully verifiable. I recommend reading the code in addition to docs. https://github.com/coldcard/firmware

The entire problem is that the bootloader has to be trusted with attesting what it is.

So you can look at the bootloader software but you’re trusting the software to tell you what it’s doing accurately?

Yes, the only way you can verify it with custom firmware is to ask the bootloader itself for its hash from the docs.