We should find a way to make WASM builds reproducible.
Motivation
Peers need to be able to verify that WASM is the same across them.
Users need to be able to verify that the source code that they see corresponds to the WASM that they see in the blockchain.
Solutions
Ignore the reproducibility aspect
Same as Parity Substrate
- Easy to implement: whatever binary was submitted is the sole source of truth.
- Leads to black box scripting, where malicious actors could submit black boxes that work as normal until activated, then wreak havoc on-chain.
- The users have to trust that the code does what it's supposed to do.
Direct code submission
Solves the problem of DSL
- No separate code submission process. Compile and run locally, submit code.
- Users don't need to trust anything.
- Complex.
- An async build can complicate the BFT aspect of Sumeragi.
- Rust is not the best candidate language; preferably use an interpreted language, e.g. Python, Haskell.
Pinned dependency reproducible builds
Same as Cosmos SDK
- Users can verify if they need to.
- Can be integrated into a web form, where people input code and get base64-encoded WASM.
- Leads to version proliferation: each minor version bump leads to a new version in the blockchain.
- Our dependencies need to be pinned in Cargo.toml, not just Cargo.lock.