logoalt Hacker News

taris2yesterday at 11:48 PM4 repliesview on HN

Have you tried Diverse Double-Compiling (DDC) to test if the official rust compiler has a backdoor?

Use crustc to compile the rust source code, producing a new compiler. Then use this new compiler and the official rustc binary, both with deterministic flags, to compile the rust source code again. The two outputs should match bit for bit.


Replies

steveklabniktoday at 1:24 AM

This was done with mrustc, which produced byte identical output.

rcxdudetoday at 2:34 AM

Better than that, you can get a bootstrapped rust from the Guix project, which has bootstrapped its entire system from source code from only a tiny verifiable binary.

amir734jjtoday at 12:48 AM

Awesome idea!