usually not. signed releases make sure the code is what is intended by the author (most of the time unless the key is compromised, so reproducible builds + code auditing helps)
firmware attestation is used as a substitute to not have proper hardware security
/ semisol
npub122…cgrkj
2023-10-23 07:21:48
in reply to nevent1q…6hem
Author Public Key
npub12262qa4uhw7u8gdwlgmntqtv7aye8vdcmvszkqwgs0zchel6mz7s6cgrkjPublished at
2023-10-23 07:21:48Event JSON
{
"id": "70f4e8f9c0e0227528fd4568a3ff6a6e43a90180b40781a266bc7a045bca3a69",
"pubkey": "52b4a076bcbbbdc3a1aefa3735816cf74993b1b8db202b01c883c58be7fad8bd",
"created_at": 1698038508,
"kind": 1,
"tags": [
[
"e",
"d255a7d6e7a2cb4274490edd3d88e6f7f697ae2b661fd33b719180c1d03d7499"
],
[
"e",
"e9aa3473d9d5847e6369425c0e22204caa625dcad10bcc83b414f557842b1621"
],
[
"p",
"21b419102da8fc0ba90484aec934bf55b7abcf75eedb39124e8d75e491f41a5e"
]
],
"content": "usually not. signed releases make sure the code is what is intended by the author (most of the time unless the key is compromised, so reproducible builds + code auditing helps)\n\nfirmware attestation is used as a substitute to not have proper hardware security",
"sig": "28fb3365245b3e96214aac98b146d719518a316c730c157e736ee483137fd86005938c5580b17ae5c7f5234e1312785cfbfc9912d476f36014325ba5b7b89f3c"
}