Gitian is a secure source-control oriented software distribution method. This means you can download trusted binaries that are verified by multiple builders.

Gitian uses a deterministic build process to allow multiple builders to create identical binaries. This allows multiple parties to sign the resulting binaries, guaranteeing that the binaries and tool chain were not tampered with and that the same source was used. It removes the build and distribution process as a single point of failure.

Getting Started with VM based Builds

Use the Gitian Builder to build your package in a qemu based virtual machine. You can then compare binaries with other builders, and sign the result. I am working on a downloader that verifies multiple builder signatures.

Sample Builds

The Bitcoin build process.



VM based build tools source is on github.

By Miron Cuperman, of Base Zero.