Reproducible builds mean that rustc always generates the same output
for any given source code and configuration. It doesn't do that today,
but it could, and will need to eventually.
Reproducible builds would help us ensure the security of Rust's build
environment by allowing independent verification that the source code
for a Rust release produces the binaries we say it does.
I want people to be able to take our source code, write
and the build system will run
x.py dist then verify that the result is
the same one rust-lang signed and published.
With that we can set up independent build environments that confirm
that the official binaries were built, without tampering, by the
previous official binaries. We could provide a tool that would just
deploy the whole setup to EC2 and start verifying what the official
build machines are doing.
Having such a tool would give us more confidence in the integrity of
the compiler. The more releases in a row that other people verify,
the more confident people can be that the compiler is not subject
to a backdoor inserted by a compromised build server.
I could imagine that once we have independent verification of the
rustc builds going forward, we could also put together a project to
reconstruct the complete rustc bootstrap, from the ocaml compiler
until it joins the binary-reproducible history. And then we would
have some strong confidence that there are no backdoors in rustc.
If this sounds cool to you, then why not go make rustc builds reproducible?