Y
Hacker News
new
|
ask
|
show
|
jobs
by
ardani
2529 days ago
Let me get this straight, this does not involve handing private keys to F-Droid? The app is verified reproducible minus the signature?
AFAIK it should work that way but I couldn't tell from the diagram and skimming the text.
1 comments
Boulth
2529 days ago
Yes, F Droid builds it itself. Then compares with your build minus the signature. If it's the same it publishes with your signature. No need for any private key handling.
link