Nostr Web Client

It will be interesting to see how it all plays out.

I'd definitely value a dev attesting that they reviewed all the code added to Sparrow Wallet in a release and Craig Raw isn't obviously rugging everyone. I'd want to zap that.

franzap 1y ago

Sure. But besides reproducible builds it's impossible to know if the build is not manipulating the source code. So you got to trust the dev and the build environment

Reply to this note

Please Login to reply.

Discussion

franzap 1y ago

That's where OS permissions and software like opensnitch etc can help too

DanConwayDev 1y ago

I personally use nix, which allows me to easily build from source in a lot of cases.

DanConwayDev 1y ago

But it doesn't matter if the builds are reproducable if the source code contains malicious code.