Immutable container runtimes sounds powerful, however I don't see how it can be proved/enforced. Do you have any pointers to how they work? nostr:nprofile1qqswlew3yr0ses5slf6gwflmgkkysl926drdfu3f82cxn68srlz3nqgpz3mhxue69uhhyetvv9ujuerpd46hxtnfduq3samnwvaz7tmjv4kxz7fwwdhx7un59eek7cmfv9kqz8thwden5te0dehhxarj94c82c3wwajkcmr0wfjx2u3wdejhgve4fay do you know anything about this?
Immutable container runtimes are becoming more and more prevalent.
It should be possible to build a cryptographically verifyable container for every commit on Github, then automtically deploy that container to an immutabl container runtime engine in such a way that the entire live production backend could be verified by users.
nostr:npub16c0nh3dnadzqpm76uctf5hqhe2lny344zsmpm6feee9p5rdxaa9q586nvr can you have the devs chew on this? I think its in Primal's best interst to put this type of concern trolling to rest.
Discussion
Well container images are by definition immutable since you know what hash you are running on, if you pair that with remote attestation you get crypographically provable environment which is also the fundamental part of confidential computing