Audacious. Given that we have a quite large, poorly documented project in a language that while being excellent is only spoken by very few people, here.
Well, if we abstract to “IOG”, it’s rather the same entity to trust than an extra one.
They should probably sign the binary distributions to allow a little extra trust there, but then?
Yep. Except that once the code is compiled it is absolutely impossible for me to look at any of it. But I do agree with your general argument. Though I am learning Haskell, it might take me a few more years of hard work before that will make much difference.
Yes and no. A software is just a software. It’s either well built and works all the time, or badly built but still used by many. If it comes from upstream and there’s a bug, just report it. If you discover security flaws on the binaries, then just report it. From my experience, cardano has an excellent dev support team but I feel you don’t need to compile and build yourself just to prove the software is working or to tighten security. Of course if you want to prove you have a correct haskell setup, then I agree. That’s why Archlinux has 2 versions of the package. The cardano-node which needs compiling (that’s why you have ghc-8.10.7 in dependencies) and cardano-node-bin with static binaries.
In the end both are correct views but I won’t worry about security as long as sources comes from proper channels upstream. If there’s a bug, just report it.
I think if someone writes a system package file or it, the maintainer probably should be sign but gnupg should take care of this.
I was not referring to the signatures of Debian packages, but to the binary releases on update-cardano-mainnet.iohk.io. It would be good if those were signed, so that we could be a bit more sure to get binaries actually compiled by people at IOG who have the proper roles and rights.
I have another problem:
I creat cardano node and cardano stake pool , I have two wallet:payment and stake.
How can I access to my wallets with another platform such as android to this wallets?
Thanks
If you did not create the wallet starting from a seed phrase, you cannot access them from a classic wallet.
Can I create wallet with seed in stake pool linux?
I just tested the script again and it works perfectly. You are also missing the cardano-address command, you need to install this binary from Github.
You can use cardano-wallet instead of cardano-address.
This should contain the required files: https://github.com/input-output-hk/cardano-wallet/releases/download/v2022-12-14/cardano-wallet-v2022-12-14-linux64.tar.gz
The error with line 8 permission denied is probably because you executed the script multiple times. It is the intended behaviour, to avoid overwritting the current wallet.
