User Created Build Verifications on Nostr

Asset Registry Top Build Verifiers Register New Asset New Verification

What are User Created Nostr Build Verifications?

Nostr Build Verifications represent a novel approach to software binary build verification, enabling users to independently reproduce binaries from source code and share their findings with the community. This system leverages the decentralized Nostr network to store and distribute verification messages.

When users compile software from source code and verify that the resulting binary matches or doesn't match the distributed version, they can create a build verification - a signed message confirming or denying this verification. These build verifications are then broadcast through the Nostr network, creating a public record of independent build verifications that other users can see and reference. Users are able to upload the scripts used to reproduce each binary and the output of the execution, so that other users can verify the reproducibility of the binary themselves.

This community-driven build verification system helps enhance software security and transparency by:

  • Allowing users to verify software build authenticity independently
  • Creating a decentralized record of build verifications
  • Making binary build verification results publicly accessible
  • Building trust through community participation

Where to Start?

There are four main ways to explore build verifications in our system:

  • Browse the Asset Registry - View all the wallet binaries that have been added to our system
  • Top Build Verifiers - See the most active community members who verify wallet builds
  • Use the Wallet Search - Find build verifications for a specific Bitcoin wallet using our search feature in the navigation bar at the top
  • Verify a specific binary - Use a computer to drop your binary file in our verification tool to check existing build verifications or create new ones.
Drop file to verify

or
Learn more

If the binary is new to the network, you'll be prompted to register it providing some additional information so testers know where it came from and for which product it is.

If the binary is already known, you'll be able to view existing build verifications, access build instructions, or create your own build verification.

Note that not all Bitcoin wallets have build verifications available, as this is a community-driven effort.

Prerequisites

If you only want to view existing verifications, you don't need any additional tools.

To contribute new binary information or create verifications, you'll need a Nostr browser extension. Learn more about getting started with Nostr.

How can I calculate the SHA256 hash of a binary?

To register a new binary, you'll need its SHA256 hash. You have two options to calculate it:

Option 1: Using Our Tool

Simply use a computer (mobile not supported for now) and drag and drop your file into the drop zone below, and we'll calculate the SHA256 hash for you automatically.

Drop file to verify

or
Learn more

Option 2: Using Command Line Tools

On Linux or macOS, open a terminal and run:

sha256sum path/to/your/file

On Windows, use:

certutil -hashfile path\to\your\file SHA256