Sorry guys, please don’t hesitate to ping me if you want binaries updates.
My pool is in sleep right now as I was sick and not impressed with the way the rewards are distributed to technically useless influencers while the really working peeps got to share the crumps of delegations. When that changes I might come back in the game.
In the meantime I keep the binary service up and will proceed to distribute it again no problem. Again, mention me and/or post here for updates.
If you do this on an ARM64 machine then the apt package manager will get the arm64 deb automatically. Likewise on AMD64 machine you will get the amd64 deb.
Note: These deb packages will install binaries in /usr/bin, configuration files in /etc/cardano, and put the blockchain database in /var/lib/cardano, In other words, files will be put in standard filesystem locations like a good package manager should.
The package manager will clean up after itself too. So if you do an ‘apt upgrade’ when the next version of cardano-node comes out, the package manager will take care of removing the old version, installing the new, and restarting your cardano-node systemd service. If you later want to remove everything then just do ‘apt purge cardano-node’ and the package manager will take care of removing the installed files.
However, I do recommend that you build the deb packages yourself. After all, we are running a decentralised, trustless, secure cryptocurrency system so you shouldn’t just trust my compiled debs, you should build your own. So, here is how to do that:
Yes, but… At least with the source code being publicly viewable you have the benefit of the community’s many eyes. But with binaries, even if compiled by IOG, there was ultimately one person who compiled them, and maybe he could be evil, and the binary nature would hide this.
But, I guess if IOG documented all compile options / switches used then the haskell compiler will produce an identical binary so then anyone could compile with same options and check the sha256 hash to confirm there were no changes.
We would probably need a bit more work than “just” rigorously documented build environment to achieve that, but it would be very beneficial. Just a few independent, trustworthy builders publishing and signing their results and everybody could just install binaries from any source and check a few hashes to be sure.
I’m a huge fan of open source and a lot of open source projects, but it’s one of my pet peeves to point out if things are oversold, even if they are things I like. The “many eyes” making sure that nothing slips through in open source software are often disappointingly few – and cardano-node being a very sparsely documented project in a language very obscure to most people doesn’t exactly grow the number of potential eyes.
On the other hand, I hope that more than one person looks at IO’s build server configuration. (That they use build servers and not just upload what one of their developers has compiled on their own development machine – from exactly that specific tag of sources with exactly those requirements in place (pinky swear!) – already makes it a bit better, a bit more secure.)
I believe my debian build system switches on some address space layout randomisation when I pass “DEB_BUILD_MAINT_OPTIONS = hardening=+all”. But if I recompile I do seem to get the exact same haskell binary.
I am trying to learn. I think I am starting to like Haskell but I am never going to be good enough to audit code like Cardano’s.
I studied computer science at a university that put a huge emphasis on the functional paradigm (though not using Haskell, but their own home-grown functional language at the time). I’ve written a dissertation using loads of category theory – which inspired a lot of Haskell’s design.
Is still can’t stand it. There are so many design choices making it hard to read for me, so many implicit things you just have to know, … And it’s obviously still possible to over-engineer with it, to scatter the code over hundreds of source files through a huge directory tree, where only the resident devs still have an overview, what is where and why (if there even is a why), …
Maybe one day Haskell will win the place of second language I really want to know against Scheme, but until then I’ll stay with Python if I have a choice.
But understand that you are trusting that I didn’t modify the code in a nefarious manner when building these binaries. (Which I didn’t do.)
Also note that these deb packages will place the binaries, configs, and chain data in standard filesystem layout which might be different to what you expect if you are following certain community guides.
You can build the deb packages yourself by following the directions here: