desire...
does lead to suffering...
dannybuntu
dannybuntu@walletscrutiny.com
npub1r709...sf7d
Open Source contributor to FOSS project walletscrutiny.com and nostr.info
“It can’t be,” I think—
restless in her silent hours,
longing grows, unseen.
Why do you linger,
Sats dancing in restless dreams—
Questions echo on.
Always in my mind,
Thoughts of you just won't let go—
Peace, a ghost, denied.
Hearts race, restless dreams—
softly, longing slips away,
stillness fills the air.
Successfully reproduced Coldcard Q1 firmware v1.3.3Q from source—bit-for-bit identical to the official release (excluding ECDSA signature).
Proof of strong #ReproducibleBuilds and open auditability for Bitcoin hardware wallets.
Full details: 
#Bitcoin #Coldcard #SupplyChainSecurity
WalletScrutiny
Coldcard Q
Review of Coldcard Q (verdict: sourceavailable)
🔎✅ Verified: Nunchuk Android 1.68.1 split APKs reproducible!
Only expected binary diffs (manifest, resources, Play Store signing) observed—no functional or security differences.
Full report:
#Bitcoin #OpenSource #ReproducibleBuilds 🚀🔐🔁
Redirecting…
Thinking out loud: 'list framework, language and other dependencies for apps" With the verifications we have produced, we now have access to data that can be utilized to compare apps. Some are reproducibile, others are not. what frameworks do reproducible apps use? Although not exhaustively the source of non-reproducibility - these provide vital clues.
Yes, corellation isn't causation. But we have to start somewhere to help other app developers get their app reproducible.
✅ We verified that @nunchuk_io io.nunchuk.android v1.68.0 is reproducible!
Despite minor expected diffs in AndroidManifest.xml & resources.arsc (e.g. Crashlytics ID, Google Play metadata), no functional changes were found.
#ReproducibleBuilds #FOSS #Android
WalletScrutiny
Asset Information
A project to improve wallet security
✅ Just verified that Phoenix Wallet (Mainnet) v2.6.0 is reproducible!
Built from source and matched Play Store APK byte-for-byte.
🔒 No signed tag/commit, but the build checks out.
Full verification:
WalletScrutiny
Asset Information
A project to improve wallet security
🔍 Verified: @nunchuk_io Desktop v1.9.46 is fully reproducible
Built on Ubuntu 22.04 using their official Docker-based guide
✅ ZIP & AppImage SHA256 match official release
🛠 Build: CMake + Qt + Docker
📦 Result: Byte-for-byte identical
#ReproducibleBuilds #Bitcoin #OpenSource
WalletScrutiny
Asset Information
A project to improve wallet security
🔍 Just verified the Bitcoin Knots v28.1 (Linux x86_64) binary as reproducible!
🧪 Build matched byte-for-byte.
🔐 Signatures validated from Luke Dashjr & other Knots builders.
📎 Full details on WalletScrutiny:
#Bitcoin #ReproducibleBuilds #FOSS
WalletScrutiny
Asset Information
A project to improve wallet security
✅ Reproducibility confirmed for it.airgap.vault v3.32.7 (68124)
🔐 APK hash: 5ae0a8...9c25
🧬 Matches source at commit 3ec5c79...
🛠️ Built using test.sh & Docker
📄 Verified report:
#ReproducibleBuilds #Android #OpenSource #WalletSecurity
WalletScrutiny
Asset Information
A project to improve wallet security
Tried building Mixin Messenger for Linux (v2.2.0) from source — ran into a missing breakpad_client error. No buildable path without upstream fix.
🔧 GitHub Issue: 
🔍 WalletScrutiny Asset Info:
#ReproducibleBuilds #CryptoWallets #LinuxApps
GitHub
Reproducible builds Linux Desktop Build Fails Due to Missing `breakpad_client` Source and Headers - WalletScrutiny.com · Issue #1747 · MixinNetwork/flutter-app
Hi Mixin team, I'm working with walletscrutiny.com a project dedicated to improving transparency and verifiability in mobile and desktop cryptocurr...
WalletScrutiny
Asset Information
A project to improve wallet security
🔎 Check out this asset information I registered on WalletScrutiny:
✅ Reproducible Electrum Windows Standalone Executable (v4.5.8)
Full verification and report available here:
Independent reproducibility strengthens open-source security. 🔐
#ReproducibleBuilds #OpenSource #Electrum #WalletScrutiny
WalletScrutiny
Asset Information
A project to improve wallet security
🚀 Successfully reproduced and verified Electrum 4.5.8 from source!
🔒 Full PGP verification passed — signatures from Thomas Voegtlin, Emzy, and SomberNight were ✅ ultimate trust ✅.
📜 SHA256 matched: dd8595a138132dee87cee76ce760a1d622fc2fd65d3b6ac7df7e53b7fb6ea7e8
🔎 See the full asset registered at WalletScrutiny:
👉
#Bitcoin #OpenSource #ReproducibleBuilds #Electrum #WalletScrutiny
WalletScrutiny
Asset Information
A project to improve wallet security
Worked til 1 AM, age 43, feel like shit. Apologies if I am combative. I'm usually more mellow when well-rested.
GM! nostr. So. What are you building today?
Any chance that would get acquired for 31949.69 BTC?
($3 billion USD)
llm doesn't want to do the drake meme. just keeps on getting the hair (all of the hair) wrong. ;)
https://pbs.twimg.com/media/GpSljzzbYAIRr7E?format=jpg&name=small
🧱 Bitcoin Core Reproducible Build: Web of Trust Diagram
[1] Official Source Release (v29.0)
|
|---> Signed Git tag by maintainer (e.g., Glozow)
| |
| `---> Tag is GPG-signed by: F19F5FF2B0589EC341220045BA03F4DBE0C63FB4
|
[2] Independent Builders Clone Repo
|
|---> hebasto ---> git checkout v29.0
| ---> guix build
| ---> generate hash + .buildinfo + manifest
| ---> sign the hash with GPG
|
|---> fanquake ---> same steps
|
|---> others ---> same steps
|
[3] Submit signatures to guix.sigs
|
`---> Each signature (.sig) matches the same commit/hash
|
`---> Verified: Everyone built the exact same binary from the same source
[4] Anyone can verify:
|
|---> Compare hashes of downloaded binaries
|---> Check `.sig` files against public GPG keys of signers
|
`---> Trust is built because:
Multiple builders + identical outputs + verified GPG signatures