Hearts race, restless dreams— softly, longing slips away, stillness fills the air.

Successfully reproduced Coldcard Q1 firmware v1.3.3Q from source—bit-for-bit identical to the official release (excluding ECDSA signature). Proof of strong #ReproducibleBuilds and open auditability for Bitcoin hardware wallets. Full details:

WalletScrutiny

Coldcard Q

Review of Coldcard Q (verdict: sourceavailable)

#Bitcoin #Coldcard #SupplyChainSecurity

🔎✅ Verified: Nunchuk Android 1.68.1 split APKs reproducible! Only expected binary diffs (manifest, resources, Play Store signing) observed—no functional or security differences. Full report:

WalletScrutiny

Nunchuk Bitcoin Wallet

Review of Nunchuk Bitcoin Wallet (verdict: sourceavailable)

#Bitcoin #OpenSource #ReproducibleBuilds 🚀🔐🔁

Thinking out loud: 'list framework, language and other dependencies for apps" With the verifications we have produced, we now have access to data that can be utilized to compare apps. Some are reproducibile, others are not. what frameworks do reproducible apps use? Although not exhaustively the source of non-reproducibility - these provide vital clues. Yes, corellation isn't causation. But we have to start somewhere to help other app developers get their app reproducible.

✅ We verified that @nunchuk_io io.nunchuk.android v1.68.0 is reproducible! Despite minor expected diffs in AndroidManifest.xml & resources.arsc (e.g. Crashlytics ID, Google Play metadata), no functional changes were found. #ReproducibleBuilds #FOSS #Android

WalletScrutiny

Asset Information

✅ Just verified that Phoenix Wallet (Mainnet) v2.6.0 is reproducible! Built from source and matched Play Store APK byte-for-byte. 🔒 No signed tag/commit, but the build checks out. Full verification:

WalletScrutiny

Asset Information

🔍 Verified: @nunchuk_io Desktop v1.9.46 is fully reproducible Built on Ubuntu 22.04 using their official Docker-based guide ✅ ZIP & AppImage SHA256 match official release 🛠 Build: CMake + Qt + Docker 📦 Result: Byte-for-byte identical #ReproducibleBuilds #Bitcoin #OpenSource

WalletScrutiny

Asset Information

🔍 Just verified the Bitcoin Knots v28.1 (Linux x86_64) binary as reproducible! 🧪 Build matched byte-for-byte. 🔐 Signatures validated from Luke Dashjr & other Knots builders. 📎 Full details on WalletScrutiny:

WalletScrutiny

Asset Information

#Bitcoin #ReproducibleBuilds #FOSS

✅ Reproducibility confirmed for it.airgap.vault v3.32.7 (68124) 🔐 APK hash: 5ae0a8...9c25 🧬 Matches source at commit 3ec5c79... 🛠️ Built using test.sh & Docker 📄 Verified report:

WalletScrutiny

Asset Information

#ReproducibleBuilds #Android #OpenSource #WalletSecurity

Tried building Mixin Messenger for Linux (v2.2.0) from source — ran into a missing breakpad_client error. No buildable path without upstream fix. 🔧 GitHub Issue: https://github.com/MixinNetwork/flutter-app/issues/1747 🔍 WalletScrutiny Asset Info:

WalletScrutiny

Asset Information

#ReproducibleBuilds #CryptoWallets #LinuxApps

🔎 Check out this asset information I registered on WalletScrutiny: ✅ Reproducible Electrum Windows Standalone Executable (v4.5.8) Full verification and report available here:

WalletScrutiny

Asset Information

Independent reproducibility strengthens open-source security. 🔐 #ReproducibleBuilds #OpenSource #Electrum #WalletScrutiny

🚀 Successfully reproduced and verified Electrum 4.5.8 from source! 🔒 Full PGP verification passed — signatures from Thomas Voegtlin, Emzy, and SomberNight were ✅ ultimate trust ✅. 📜 SHA256 matched: dd8595a138132dee87cee76ce760a1d622fc2fd65d3b6ac7df7e53b7fb6ea7e8 🔎 See the full asset registered at WalletScrutiny: 👉

WalletScrutiny

Asset Information

#Bitcoin #OpenSource #ReproducibleBuilds #Electrum #WalletScrutiny

llm doesn't want to do the drake meme. just keeps on getting the hair (all of the hair) wrong. ;) https://pbs.twimg.com/media/GpSljzzbYAIRr7E?format=jpg&name=small

🔐 Verified: Keystone3 Pro Firmware v2.0.4 (Cypherpunk, Modern) is reproducible ✅ Unsigned binary matches local build byte-for-byte. Signed hash differs (as expected due to signature). 📄 Asset registered on WalletScrutiny:

WalletScrutiny

Asset Information

#ReproducibleBuilds #FirmwareIntegrity #Bitcoin

🔐 Verified! Keystone3 Pro Firmware v2.0.4 (Multi-Coin, Modern) is reproducible 🧪✅ Our build perfectly matches the unsigned official binary. Signed binary differs (expected due to signature). Tested with: keystone3pro.sh 2.0.4 multicoin modern 🔗 #ReproducibleBuilds #Bitcoin #FirmwareIntegrity #WalletScrutiny

WalletScrutiny

Asset Information

🔐 Verified! Keystone3 Pro Firmware v2.0.4 (Multi-Coin, Legacy) is reproducible 🧪✨ Our build matches the official unsigned binary byte-for-byte ✅ Signed binary differs (as expected) due to cryptographic signature. 🔍 Full test details: keystone3pro.sh 2.0.4 multicoin legacy 🔗 https://keyst.one/contents/KeystoneFirmwareG3/v2.0.4/web3/legacy_ota/keystone3.bin #ReproducibleBuilds #Bitcoin #FOSS

🔍 Tried to build Nunchuk Desktop from source — but hit a wall. ❌ Missing submodule libnunchuk (404 GitLab link) breaks the build. 🧪 Tested on both local Ubuntu & remote Debian. 🔐 Not reproducible in current state. 📦 SHA-256: (build failed — no binary to hash) 🔗

WalletScrutiny

Asset Information

#Bitcoin #ReproducibleBuilds #WalletScrutiny

🔍 Just verified a reproducible build of Nunchuk v1.67.0 (io.nunchuk.android)! ✅ The APK from my phone matches the one built from source (tag: android.1.67) 🔐 Signing excluded, but the code checks out byte-for-byte. 📦 SHA-256: 41a66972d53121db4c77fd54bd79202822074fea6db35059b3049bfb5571bb73 🔗

WalletScrutiny

Asset Information

🧪 Verified the BitBanana v0.9.4 Android app is functionally reproducible! 📦 Official split APKs were compared to those built from source. 🧾 Only minor binary diffs in AndroidManifest.xml & resources.arsc. 🔗

WalletScrutiny

Asset Information

🔍 Just verified a reproducible build of Blockstream Green v4.1.8! ✅ The APK from my phone matches the one built from source. 🔐 Signing was missing, but the code checks out. 📦 SHA-256: e2b842...50f89 🔗

WalletScrutiny

Asset Information