|
|
|
|
|
|
by azathothas
929 days ago
|
|
|
It's up to the pkg maintainer that's being used as the source. The default PKGs, located at: https://github.com/metis-os/hysp-pkgs, are automated via GitHub actions. You can look at the workflow codes. As to answer the signing question: $BIN.TOML must contain either blake3sum or sha256sum of the binary specified as source.
And once hysp downloads them, it checks if they match exactly as specified in the $BIN.TOML
We prevent MITM or any other shenanigans by trusting whoever is hosting the pkg, isn't tampering both the binary and the checksums.
So yes, not completely foolproof (an attacker could, in theory, tamper both the binary and the checksum), but that's why we have the self-hosting option for people who want to trust only themselves and their servers.
The config allows you to specify different URL/Host for the TOML files and the actual binaries. So unless, both the TOML files and source binaries are being hosted on an HTTP site, MITM is not possible. And as already specified, the default source that ships with hysp, doesn't use HTTP anywhere. |
|
|