sindresorhus
commented
6 years ago Note that we should never do silent auto-updates. There should at least be a choice for the user.
Open lukechilds opened 6 years ago
sindresorhus
commented
6 years ago Note that we should never do silent auto-updates. There should at least be a choice for the user.
This could be very beneficial for quick security patches, not just for HyperDEX but also any binaries we bundle.
However could also have security implications, if the update process was compromised then an attacker could instantly gain access to all HyperDEX users funds.
We could make an attack like this extremely unfeasible by also requiring the updates to be signed with one (or maybe multiple PGP keys). These could be owned by trusted developers, members of SuperNET etc.
An attacker would have to compromise the update process as well as all of the required PGP keys to successfully push an update.