1. 
   achow101 commented at 10:32 PM on December 2, 2024: member

   I have updated signapple to notarize MacOS app bundles without adding any additional dependencies. Further, it can also sign and apply detached signatures to standalone binaries.

   As such, we can use signapple to perform the notarization and stapling steps so that MacOS will run the app bundle after it is installed. detached-sig-create.sh is updated to have a notarization step and to download the ticket which will be included in the detached signatures. The workflow is largely unchanged for the MacOS codesigners except for the additional requirement of having an App Store Connect API key and Team UUID, instructions for which can be found at https://github.com/achow101/signapple/blob/master/docs/notarization.md. For guix builders, the workflow is unchanged.

   Additionally, the standalone binaries packaged in the MacOS .tar.gz and Windows .zip will now be codesigned. detached-sig-create.sh was updated to handle these, so the workflow for both MacOS and Windows codesigners remains unchanged. For guix builders, the workflow is also unchanged.

   Because those binaries will how have codesigned and unsigned versions, the build command is modified to output -unsigned.{tar.gz,zip} archives containing the binaries. Since this happens to conflict with the tarball used for codesigning, the codesigning tarball was renamed to -codesigning.tar.gz. Both MacOS and Windows codesigners will need to adjust their workflows to account for the new name.

   Fixes #15774 and #29749

2. 
   DrahtBot commented at 10:32 PM on December 2, 2024: contributor

   <!--e57a25ab6845829454e8d69fc972939a-->

   The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

   <!--006a51241073e994b41acfe9ec718e94-->

   Code Coverage & Benchmarks

   For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/31407.

   <!--021abf342d371248e50ceaed478a90ca-->

   Reviews

   See the guideline for information on the review process.

   Type	Reviewers
   ACK	Sjors, pinheadmz, davidgumberg
   Concept ACK	hebasto
   Stale ACK	willcl-ark

   If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

3. achow101 added this to the milestone 29.0 on Dec 2, 2024
4. DrahtBot added the label Build system on Dec 2, 2024
5. achow101 force-pushed on Dec 2, 2024
6. 
   DrahtBot commented at 10:47 PM on December 2, 2024: contributor

   <!--85328a0da195eb286784d51f73fa0af9-->

   🚧 At least one of the CI tasks failed. _{Debug: https://github.com/bitcoin/bitcoin/runs/33817027293}

   <details><summary>Hints</summary>

   Try to run the tests locally, according to the documentation. However, a CI failure may still happen due to a number of reasons, for example:

   • Possibly due to a silent merge conflict (the changes in this pull request being incompatible with the current code in the target branch). If so, make sure to rebase on the latest commit of the target branch.

   • A sanitizer issue, which can only be found by compiling with the sanitizer and running the affected test.

   • An intermittent issue.

   Leave a comment here, if you need help tracking down a confusing failure.

   </details>

7. DrahtBot added the label CI failed on Dec 2, 2024
8. DrahtBot removed the label CI failed on Dec 2, 2024
9. 
   achow101 commented at 11:36 PM on December 2, 2024: member

   It's unclear to me whether the standalone binaries need to be notarized too. This is currently not implemented, but should not be that much more complicated to do.

10. 
    edilmedeiros commented at 2:12 AM on December 3, 2024: contributor

    It's unclear to me whether the standalone binaries need to be notarized too. This is currently not implemented, but should not be that much more complicated to do.

    Are they being codesigned already?

    I was getting the v28 binaries from bitcoincore.org instantly killed in Sonoma 14.6.1 when trying to run them in the terminal today. Took me a while to understand what was happening because the processes are killed without a security message or anything like the "nice" gatekeeper popup. Codesigning each on my own solved the issue.

    ❯ tar xvfz bitcoin-28.0-arm64-apple-darwin.tar.gz
    x bitcoin-28.0/
    x bitcoin-28.0/bin/
    x bitcoin-28.0/bin/bitcoin-cli
    x bitcoin-28.0/bin/bitcoin-qt
    x bitcoin-28.0/bin/bitcoin-tx
    x bitcoin-28.0/bin/bitcoin-util
    x bitcoin-28.0/bin/bitcoin-wallet
    x bitcoin-28.0/bin/bitcoind
    x bitcoin-28.0/bin/test_bitcoin
    x bitcoin-28.0/bitcoin.conf
    x bitcoin-28.0/share/
    x bitcoin-28.0/share/man/
    x bitcoin-28.0/share/man/man1/
    x bitcoin-28.0/share/man/man1/bitcoin-cli.1
    x bitcoin-28.0/share/man/man1/bitcoin-qt.1
    x bitcoin-28.0/share/man/man1/bitcoin-tx.1
    x bitcoin-28.0/share/man/man1/bitcoin-util.1
    x bitcoin-28.0/share/man/man1/bitcoin-wallet.1
    x bitcoin-28.0/share/man/man1/bitcoind.1
    x bitcoin-28.0/share/rpcauth/
    x bitcoin-28.0/share/rpcauth/README.md
    x bitcoin-28.0/share/rpcauth/rpcauth.py
    
    ❯ bitcoin-28.0/bin/bitcoind --version
    [1]    36572 killed     bitcoin-28.0/bin/bitcoind --version
    
    ❯ codesign --sign - bitcoin-28.0/bin/bitcoind
    
    ❯ bitcoin-28.0/bin/bitcoind --version
    Bitcoin Core version v28.0.0
    Copyright (C) 2009-2024 The Bitcoin Core developers
    
    Please contribute if you find Bitcoin Core useful. Visit
    <https://bitcoincore.org/> for further information about the software.
    The source code is available from <https://github.com/bitcoin/bitcoin>.
    
    This is experimental software.
    Distributed under the MIT software license, see the accompanying file COPYING
    or <https://opensource.org/licenses/MIT>
    

11. 
    achow101 commented at 2:15 AM on December 3, 2024: member

    Are they being codesigned already?

    This PR codesigns them.

12. 
    Sjors commented at 12:20 PM on December 3, 2024: member

    It's unclear to me whether the standalone binaries need to be notarized too.

    Do you mean the binaries in unsigned.{zip,tar.gz} archives? I think it's fine not to.

13. in contrib/guix/guix-codesign:158 in ba67aa681e outdated

     156 | -            echo "$(outdir_for_host "$1")/${DISTNAME}-win64-unsigned.tar.gz"
     157 | +            echo "$(outdir_for_host "$1")/${DISTNAME}-win64-codesigning.tar.gz"
     158 |              ;;
     159 |          *darwin*)
     160 | -            echo "$(outdir_for_host "$1")/${DISTNAME}-${1}-unsigned.tar.gz"
     161 | +            echo "$(outdir_for_host "$1")/${DISTNAME}-${1}-codesigning.tar.gz"
    

    ---

    ---

    

    Sjors commented at 12:29 PM on December 3, 2024:

    912377ac4999467be7dfd51481c38972fb1475dd: maybe call it -maintainers to reduce confusion with -unsigned?

    A more generic term might also be handy in the future if e.g. we want to include an OTS timestamp that commits to the (pre codesigning, pgp signed?) guix hashes (with all architectures).

    ---

    

    achow101 commented at 4:52 PM on December 3, 2024:

    The codesigners are not necessarily maintainers. I don't think it's useful to make this broad when it has been extremely specific for codesigning for more than a decade.

    ---

    

    laanwj commented at 10:05 AM on February 11, 2025:

    Yes that seems something to consider when and if we cross that bridge. Currently an .ots is already generated for the final SHA256SUMS at release time, not sure to move that to another phase in the process.

14. 
    Sjors commented at 12:50 PM on December 3, 2024: member

    In order to properly test this, you would have to provide the detached signatures and staple for this PR.

    Reviewers then need to download it from some website. If you obtain the file via SSH from your own guix machine, macOS tries to be smart about it (at least my Intel mac used to do that).

    HOSTS="x86_64-w64-mingw32 x86_64-apple-darwin arm64-apple-darwin" ./contrib/guix/guix-build 
    ...
    find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
    

    Guix hashes for macOS and Windows, before code-sign:

    arm_64
    e1d50cc856902e31e966f0e0d50ac732a6d8c7c080e9f9d50ab229d7503bd601  guix-build-ba67aa681e9b/output/arm64-apple-darwin/SHA256SUMS.part
    462617a5476e946e10be8624d73b531041c8abf4628a35038d65b80534de768a  guix-build-ba67aa681e9b/output/arm64-apple-darwin/bitcoin-ba67aa681e9b-arm64-apple-darwin-codesigning.tar.gz
    2583965a7ecbcf48946bcb7676cf6b39a04cee44b34c6292d81cbb825f0d35df  guix-build-ba67aa681e9b/output/arm64-apple-darwin/bitcoin-ba67aa681e9b-arm64-apple-darwin-unsigned.tar.gz
    96f25391136c5e3f77b6dfb4e027aa1f43ccc91edf0237b9ec0c7b01a64b32f3  guix-build-ba67aa681e9b/output/arm64-apple-darwin/bitcoin-ba67aa681e9b-arm64-apple-darwin-unsigned.zip
    74d95312c8a33c65a1ea55c1d8392c58d77f78251af551926d4e913f12b45cac  guix-build-ba67aa681e9b/output/dist-archive/bitcoin-ba67aa681e9b.tar.gz
    1f457247d24466bc7f8faeb7f8faec80cadfed66ef68354c77a36ceba1127799  guix-build-ba67aa681e9b/output/x86_64-apple-darwin/SHA256SUMS.part
    eafb67c89ed27e1dd216e2d300829c5bb22fbe6999839189441e3d64080b65f5  guix-build-ba67aa681e9b/output/x86_64-apple-darwin/bitcoin-ba67aa681e9b-x86_64-apple-darwin-codesigning.tar.gz
    0d9f7d7ef1f71b4c3072a0af44b374caf0a4646f4ba143f5440bbcf52c8fe614  guix-build-ba67aa681e9b/output/x86_64-apple-darwin/bitcoin-ba67aa681e9b-x86_64-apple-darwin-unsigned.tar.gz
    a0337d08f8145ed4c8548086752b8c32766db1a0483573b44f95134cba9f3913  guix-build-ba67aa681e9b/output/x86_64-apple-darwin/bitcoin-ba67aa681e9b-x86_64-apple-darwin-unsigned.zip
    635b1e00cd6792faae60085f4d0ec71bb010756caa40f7241b05e1e3ef6aa18a  guix-build-ba67aa681e9b/output/x86_64-w64-mingw32/SHA256SUMS.part
    96326f5755ee14d74b74addc740e8e89c49ee65e4f56746a018e3aba39025642  guix-build-ba67aa681e9b/output/x86_64-w64-mingw32/bitcoin-ba67aa681e9b-win64-codesigning.tar.gz
    0d1f7d39c4fcee02d763d85c7f14fe28233f4fe357192e54a227cb54843a8a0b  guix-build-ba67aa681e9b/output/x86_64-w64-mingw32/bitcoin-ba67aa681e9b-win64-debug.zip
    b3531bbeccd65d52cb73be3edc38f3aa4b1abe6373ad4e153e4c036a78f29b18  guix-build-ba67aa681e9b/output/x86_64-w64-mingw32/bitcoin-ba67aa681e9b-win64-setup-unsigned.exe
    e0a39aad96ac6fa7bf0957119bfca2a527e66f9991a71e84cc5c90864a9c833d  guix-build-ba67aa681e9b/output/x86_64-w64-mingw32/bitcoin-ba67aa681e9b-win64-unsigned.zip
    

15. 
    achow101 commented at 4:53 PM on January 30, 2025: member

    @fanquake @pinheadmz Can one of you please do a build and make detached sigs for this PR for testing?

16. in contrib/guix/libexec/build.sh:371 in 764f9d176d outdated

     364 | @@ -382,6 +365,23 @@ mkdir -p "$DISTSRC"
     365 |                      || ( rm -f "${OUTDIR}/${DISTNAME}-win64-codesigning.tar.gz" && exit 1 )
     366 |              )
     367 |              ;;
     368 | +        *darwin*)
    

    ---

    ---

    

    sipa commented at 6:47 PM on January 30, 2025:

    In commit "build: Include all MacOS binaries for codesigning"

    What is the effect of moving this code down? Will it pick up more artifacts that have been produced in between?

    ---

    

    achow101 commented at 7:15 PM on January 30, 2025:

    Yes, this makes it include the directory containing the binaries in the codesigning tarball.

17. in doc/release-process.md:170 in ba67aa681e outdated

     163 | @@ -164,17 +164,17 @@ Then open a Pull Request to the [guix.sigs repository](https://github.com/bitcoi
     164 |  
     165 |  In the `guix-build-${VERSION}/output/x86_64-apple-darwin` and `guix-build-${VERSION}/output/arm64-apple-darwin` directories:
     166 |  
     167 | -    tar xf bitcoin-osx-unsigned.tar.gz
     168 | -    ./detached-sig-create.sh /path/to/codesign.p12
     169 | +    tar xf bitcoin-osx-codesigning.tar.gz
     170 | +    ./detached-sig-create.sh /path/to/codesign.p12 /path/to/AuthKey_foo.p8 uuid
     171 |      Enter the keychain password and authorize the signature
     172 |      signature-osx.tar.gz will be created
    

    ---

    ---

    

    pinheadmz commented at 5:37 PM on February 3, 2025:

    output file is actually signature-osx-executable.tar.gz

    ---

    

    achow101 commented at 5:48 PM on February 10, 2025:

    Huh. It's supposed to be either signature-osx-x86_64.tar.gz or signature-osx-arm64.tar.gz. Is file different on Mac vs Linux?

    ---

    

    laanwj commented at 10:38 AM on February 11, 2025:

    Not sure if it's a difference in the tool or the magic files used by default, but file output seems noticibly different between linux and mac:

    mac (file-5.41):

    /bin/ls: Mach-O universal binary with 2 architectures: [x86_64:Mach-O 64-bit executable x86_64
    - Mach-O 64-bit executable x86_64] [arm64e:Mach-O 64-bit executable arm64e
    - Mach-O 64-bit executable arm64e]
    /bin/ls (for architecture x86_64):	Mach-O 64-bit executable x86_64
    /bin/ls (for architecture arm64e):	Mach-O 64-bit executable arm64e
    

    linux (file-5.45):

    /tmp/ls: Mach-O universal binary with 2 architectures: [x86_64:\012- Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|PIE>] [\012- arm64e (caps: 0x2):\012- Mach-O 64-bit arm64e (caps: PAC00) executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|PIE>]
    

    linux (file-5.45, usingfile -r to get multiline)

    /tmp/ls: Mach-O universal binary with 2 architectures: [x86_64:
    - Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|PIE>] [
    - arm64e (caps: 0x2):
    - Mach-O 64-bit arm64e (caps: PAC00) executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|PIE>]
    

    ---

    

    pinheadmz commented at 9:22 PM on February 11, 2025:

    not an issue anymore on 46e44a35b85830a60cf622e039db19ccf1989008

18. 
    pinheadmz commented at 6:05 PM on February 3, 2025: member

    I'm hitting an error with guix-codesign. I am just focusing on HOSTS=arm64-apple-darwin, guix build of: ba67aa681e9b28a9992636fec4e06b26b3c3422e

    SHASUMS.part:

    462617a5476e946e10be8624d73b531041c8abf4628a35038d65b80534de768a  arm64-apple-darwin/bitcoin-ba67aa681e9b-arm64-apple-darwin-codesigning.tar.gz
    2583965a7ecbcf48946bcb7676cf6b39a04cee44b34c6292d81cbb825f0d35df  arm64-apple-darwin/bitcoin-ba67aa681e9b-arm64-apple-darwin-unsigned.tar.gz
    96f25391136c5e3f77b6dfb4e027aa1f43ccc91edf0237b9ec0c7b01a64b32f3  arm64-apple-darwin/bitcoin-ba67aa681e9b-arm64-apple-darwin-unsigned.zip
    74d95312c8a33c65a1ea55c1d8392c58d77f78251af551926d4e913f12b45cac  dist-archive/bitcoin-ba67aa681e9b.tar.gz
    

    Detached code signatures (maybe): signature-osx-executable.tar.gz

    However, attaching them is an issue:

    zip@zip:~/bitcoin$ DETACHED_SIGS_REPO=../bitcoin-detached-sigs HOSTS=arm64-apple-darwin ./contrib/guix/guix-codesign
    Checking that we can connect to the guix-daemon...
    
    Hint: If this hangs, you may want to try turning your guix-daemon off and on
          again.
    
    INFO: Codesigning ba67aa681e9b for platform triple arm64-apple-darwin:
          ...using reference timestamp: 1733177891
          ...from worktree directory: '/home/zip/bitcoin'
              ...bind-mounted in container to: '/bitcoin'
          ...in build directory: '/home/zip/bitcoin/guix-build-ba67aa681e9b/distsrc-ba67aa681e9b-arm64-apple-darwin-codesigned'
              ...bind-mounted in container to: '/distsrc-base/distsrc-ba67aa681e9b-arm64-apple-darwin-codesigned'
          ...outputting in: '/home/zip/bitcoin/guix-build-ba67aa681e9b/output/arm64-apple-darwin-codesigned'
              ...bind-mounted in container to: '/outdir-base/arm64-apple-darwin-codesigned'
          ...using detached signatures in: '../bitcoin-detached-sigs'
              ...bind-mounted in container to: '/detached-sigs'
    guix shell: error: symlink: No such file or directory: "/home/zip/bitcoin/guix-build-ba67aa681e9b/var/profiles/arm64-apple-darwin-codesigned"
    

    Do I need to have bitcoin-detached-sigs checked out on a branch name that matches the build version?

19. 
    pinheadmz commented at 6:54 PM on February 3, 2025: member

    I got one step further by creating the directory its looking for in the last error:

    $ mkdir -p /home/zip/bitcoin/guix-build-ba67aa681e9b/var/profiles/

    this broke somewhere new...

    $ DETACHED_SIGS_REPO=../bitcoin-detached-sigs HOSTS=arm64-apple-darwin FORCE_DIRTY_WORKTREE=1 ./contrib/guix/guix-codesign
    Checking that we can connect to the guix-daemon...
    
    Hint: If this hangs, you may want to try turning your guix-daemon off and on
          again.
    
    INFO: Codesigning ba67aa681e9b for platform triple arm64-apple-darwin:
          ...using reference timestamp: 1733177891
          ...from worktree directory: '/home/zip/bitcoin'
              ...bind-mounted in container to: '/bitcoin'
          ...in build directory: '/home/zip/bitcoin/guix-build-ba67aa681e9b/distsrc-ba67aa681e9b-arm64-apple-darwin-codesigned'
              ...bind-mounted in container to: '/distsrc-base/distsrc-ba67aa681e9b-arm64-apple-darwin-codesigned'
          ...outputting in: '/home/zip/bitcoin/guix-build-ba67aa681e9b/output/arm64-apple-darwin-codesigned'
              ...bind-mounted in container to: '/outdir-base/arm64-apple-darwin-codesigned'
          ...using detached signatures in: '../bitcoin-detached-sigs'
              ...bind-mounted in container to: '/detached-sigs'
    Required environment variables as seen inside the container:
        CODESIGNING_TARBALL: /outdir-base/arm64-apple-darwin/bitcoin-ba67aa681e9b-arm64-apple-darwin-codesigning.tar.gz
        DETACHED_SIGS_REPO: /detached-sigs
        DIST_ARCHIVE_BASE: /outdir-base/dist-archive
        DISTNAME: bitcoin-ba67aa681e9b
        HOST: arm64-apple-darwin
        SOURCE_DATE_EPOCH: 1733177891
        DISTSRC: /distsrc-base/distsrc-ba67aa681e9b-arm64-apple-darwin-codesigned
        OUTDIR: /outdir-base/arm64-apple-darwin-codesigned
    Traceback (most recent call last):
      File "/gnu/store/b5d90lfah4dplqxb5bi7srxf5w8iv13s-python-signapple-0.2.0-1.a9bf003/bin/.signapple-real", line 5, in <module>
        sys.exit (mod.main ())
      File "/gnu/store/b5d90lfah4dplqxb5bi7srxf5w8iv13s-python-signapple-0.2.0-1.a9bf003/lib/python3.10/site-packages/signapple/__init__.py", line 191, in main
        args.func(args)
      File "/gnu/store/b5d90lfah4dplqxb5bi7srxf5w8iv13s-python-signapple-0.2.0-1.a9bf003/lib/python3.10/site-packages/signapple/__init__.py", line 38, in apply
        ret = apply_sig(args.filename, args.sig)
      File "/gnu/store/b5d90lfah4dplqxb5bi7srxf5w8iv13s-python-signapple-0.2.0-1.a9bf003/lib/python3.10/site-packages/signapple/sign.py", line 1176, in apply_sig
        shutil.copyfile(sig_file_path, file_out_path)
      File "/gnu/store/z193j1jnz80h56fbv6nic6mh34b4bb1j-python-3.10.7/lib/python3.10/shutil.py", line 254, in copyfile
        with open(src, 'rb') as fsrc:
    FileNotFoundError: [Errno 2] No such file or directory: 'codesignatures/osx/arm64-apple-darwin/dist/Bitcoin-Qt.app/'
    
    

20. achow101 force-pushed on Feb 10, 2025
21. 
    achow101 commented at 9:05 PM on February 10, 2025: member

    Pushed a fix for the wrong architecture detection.

22. 
    Sjors commented at 8:36 AM on February 11, 2025: member

    Guix hashes for macOS and Windows, before code-sign:

    bd11279800610b70a1feed4451d9fa3a137ed75f26c794363c5ef82d820c592e  guix-build-46e44a35b858/output/arm64-apple-darwin/SHA256SUMS.part
    3a911d1a009222c042a84864dccd58462ce3167ea5f407830bf98d370fa356e4  guix-build-46e44a35b858/output/arm64-apple-darwin/bitcoin-46e44a35b858-arm64-apple-darwin-codesigning.tar.gz
    2b1c4d096f27ae2a650ce3fe954304c53bb51b7ddac5dd533cabcc862a75f684  guix-build-46e44a35b858/output/arm64-apple-darwin/bitcoin-46e44a35b858-arm64-apple-darwin-unsigned.tar.gz
    18c4fe6b004b0b9685671d1a60b146ce00bafe47591ff337ad3af08d8ea55e42  guix-build-46e44a35b858/output/arm64-apple-darwin/bitcoin-46e44a35b858-arm64-apple-darwin-unsigned.zip
    e920044a3cf85974b337a5a7e13c35cf8633d5083cb9ab8ba46c3b0f24019a1c  guix-build-46e44a35b858/output/dist-archive/bitcoin-46e44a35b858.tar.gz
    71e501ec189b3d561f6f07d52b6ec3ab28eba81600a8ebbde9437a13ce8818dc  guix-build-46e44a35b858/output/x86_64-apple-darwin/SHA256SUMS.part
    ccbb4b94720896282ecc6f1a7a4ad8a2de05262b71abbe32bd48ac83bd41f666  guix-build-46e44a35b858/output/x86_64-apple-darwin/bitcoin-46e44a35b858-x86_64-apple-darwin-codesigning.tar.gz
    c2125e67f68fc5c1c5d1bb835e7ef886a2025a59a5476173bc511646c48ef7cb  guix-build-46e44a35b858/output/x86_64-apple-darwin/bitcoin-46e44a35b858-x86_64-apple-darwin-unsigned.tar.gz
    45cc411f916e6ba617875d30494c8baa6e7974c82b0652449f3422009ff7ca28  guix-build-46e44a35b858/output/x86_64-apple-darwin/bitcoin-46e44a35b858-x86_64-apple-darwin-unsigned.zip
    77e0993c4a93076583f9a90bfac8afb92770363dc624745659339c6a0335497f  guix-build-46e44a35b858/output/x86_64-w64-mingw32/SHA256SUMS.part
    388d2eb388392b5d234ed72fd93ac393e55c2b3c76a5c2796d1c54921c469b7f  guix-build-46e44a35b858/output/x86_64-w64-mingw32/bitcoin-46e44a35b858-win64-codesigning.tar.gz
    21829ed3fd887adf9e4ae337189c984f2b4f91e76d8bf57f644c9d6f600968c4  guix-build-46e44a35b858/output/x86_64-w64-mingw32/bitcoin-46e44a35b858-win64-debug.zip
    184eef2b7fc6eb72f0578b510b817775615474b81b359de4ab0769c009faf75b  guix-build-46e44a35b858/output/x86_64-w64-mingw32/bitcoin-46e44a35b858-win64-setup-unsigned.exe
    08841a37cd886a94553acc723a0e3343dd8e00e7b3dd00169ac8eb1a84b03b46  guix-build-46e44a35b858/output/x86_64-w64-mingw32/bitcoin-46e44a35b858-win64-unsigned.zip
    

23. in doc/release-process.md:176 in 46e44a35b8 outdated

     175 |  
     176 |  In the `guix-build-${VERSION}/output/x86_64-w64-mingw32` directory:
     177 |  
     178 | -    tar xf bitcoin-win-unsigned.tar.gz
     179 | -    ./detached-sig-create.sh -key /path/to/codesign.key
     180 | +    tar xf bitcoin-win-codesigning.tar.gz
    

    ---

    ---

    

    hebasto commented at 8:45 AM on February 11, 2025:

        tar xf bitcoin-${VERSION}-win64-codesigning.tar.gz
    

    ---

    

    achow101 commented at 1:16 AM on February 12, 2025:

    If I need to retouch

    ---

    

    achow101 commented at 1:48 AM on February 12, 2025:

    Done

24. in doc/release-process.md:167 in 46e44a35b8 outdated

     163 | @@ -164,17 +164,17 @@ Then open a Pull Request to the [guix.sigs repository](https://github.com/bitcoi
     164 |  
     165 |  In the `guix-build-${VERSION}/output/x86_64-apple-darwin` and `guix-build-${VERSION}/output/arm64-apple-darwin` directories:
     166 |  
     167 | -    tar xf bitcoin-osx-unsigned.tar.gz
     168 | -    ./detached-sig-create.sh /path/to/codesign.p12
     169 | +    tar xf bitcoin-osx-codesigning.tar.gz
    

    ---

    ---

    

    hebasto commented at 9:07 AM on February 11, 2025:

        tar xf bitcoin-${VERSION}-${ARCH}-apple-darwin-codesigning.tar.gz
    

    ---

    

    achow101 commented at 1:16 AM on February 12, 2025:

    If I need to retouch

    ---

    

    achow101 commented at 1:48 AM on February 12, 2025:

    Done

25. 
    hebasto commented at 10:29 AM on February 11, 2025: member

    Concept ACK 46e44a35b85830a60cf622e039db19ccf1989008.

    I have reviewed the code and it looks OK. However, I am not entirely confident in 8400ada306063f1412ef3ace57e255783db879ef due to my lack of familiarity with the signapple tool.

    Additionally, I did not review the changes to the signapple tool itself.

26. pinheadmz approved
27. 
    pinheadmz commented at 9:11 PM on February 11, 2025: member

    ACK 46e44a35b85830a60cf622e039db19ccf1989008

    Tested on arm64/macos, but did not review code or test other platforms. This updated process closes the referenced issues and successfully creates signed binaries for bitcoind, bitcoin-cli and all other utilities including Bitcoin-Qt.

    ---

    Detached sigs (tar xf and commit locally in bitcoin-detached-sigs to test):

    signature-osx-arm64.tar.gz

    ---

    Attestations:

    all.SHA256SUMS

    
    504b22387c634bcf78846830b8f53359e54d526b2f0e976631a0bbd293f0353c  bitcoin-46e44a35b858-arm64-apple-darwin.tar.gz
    787fd1bd670ce5b903d174ee715a532365c8cc426278020877ef1616c8befa57  bitcoin-46e44a35b858-arm64-apple-darwin.zip
    3a911d1a009222c042a84864dccd58462ce3167ea5f407830bf98d370fa356e4  bitcoin-46e44a35b858-arm64-apple-darwin-codesigning.tar.gz
    2b1c4d096f27ae2a650ce3fe954304c53bb51b7ddac5dd533cabcc862a75f684  bitcoin-46e44a35b858-arm64-apple-darwin-unsigned.tar.gz
    18c4fe6b004b0b9685671d1a60b146ce00bafe47591ff337ad3af08d8ea55e42  bitcoin-46e44a35b858-arm64-apple-darwin-unsigned.zip
    7f92d478c82e193da4578c19e37fa7bebed7b23eb9745ace8679f1503a2d25ed  bitcoin-46e44a35b858-codesignatures-001c1794ae89.tar.gz
    e920044a3cf85974b337a5a7e13c35cf8633d5083cb9ab8ba46c3b0f24019a1c  bitcoin-46e44a35b858.tar.gz
    

    noncodesigned.SHA256SUMS

    3a911d1a009222c042a84864dccd58462ce3167ea5f407830bf98d370fa356e4  bitcoin-46e44a35b858-arm64-apple-darwin-codesigning.tar.gz
    2b1c4d096f27ae2a650ce3fe954304c53bb51b7ddac5dd533cabcc862a75f684  bitcoin-46e44a35b858-arm64-apple-darwin-unsigned.tar.gz
    18c4fe6b004b0b9685671d1a60b146ce00bafe47591ff337ad3af08d8ea55e42  bitcoin-46e44a35b858-arm64-apple-darwin-unsigned.zip
    e920044a3cf85974b337a5a7e13c35cf8633d5083cb9ab8ba46c3b0f24019a1c  bitcoin-46e44a35b858.tar.gz
    

    <details><summary>Show Signature</summary>

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256
    
    ACK 46e44a35b85830a60cf622e039db19ccf1989008
    -----BEGIN PGP SIGNATURE-----
    
    iQIzBAEBCAAdFiEE5hdzzW4BBA4vG9eM5+KYS2KJyToFAmervD4ACgkQ5+KYS2KJ
    yTqW+w//XZDjfkldmMEbEOs8fpwv38eHly9Uha8hVscixHgG6L1QkTfMimomONzD
    m0N3cOT13sEXJkuyp1ztnZoklQ2FfDcceKiN8Kb455esPtYsNrR5SyMDx3O+HYTF
    2WxSO7ktfjU7G+ZaXgHB/+xGUrXQIWNkP4b1Z+QuHtu3Sc+3TnZS2mtjvpXc1go+
    m8Rnz/hqYn1F1ePn25AMsixfdt99QUw2Z/oti3HDfiG136lHpZt0MbixCk1gDnXs
    NDSloElhUgTLyosBfdU+5KLbjsB1DKz+N2dsQ8rHTpuXcau7HPm5IAdPheSIhS5Z
    OC1z/h9/EhgOYSlAbyURovTYa0Cpz/faGNhWWIw6v+t6UBFX1Sn4fPt7X3S8k0d+
    oya7oDFTyo2NZVyM8l9+dssZaJByUOdJKYloF00g26fRA+ELaX3PxXIB/cFWNiss
    UgPc5C/pfvjq/Cr7Zwb0XdHP8U0lTbu8Aqk93xxfcKx5MVdjTnlI2JF8nbn0/eYQ
    C1GjVdHCwLR/nM6aHatEFy04WFUUeK3r7pUPRY39B/fPS31N29q5UpbvvAqihZLQ
    nVqHCCxCNrL2Ph+PwjqQsvXchz97gizQu6OKbX3DcRWstg6EwRQ3K2CG/k7MAvtw
    NnEtOMWHeXO8qW3MQkZj4IDCjTKU/OKab+jf+F0reSkZ1Oc1E54=
    =NUrf
    -----END PGP SIGNATURE-----
    

    pinheadmz's public key is on keybase

    </details>

28. DrahtBot requested review from hebasto on Feb 11, 2025
29. 
    pinheadmz commented at 9:15 PM on February 11, 2025: member

    Bonus verbose code sign verification of bitcoind:

    codesign -dv --verbose=4 /Users/matthewzipkin/Desktop/work/bitcoin/guix-build-46e44a35b858/output/arm64-apple-darwin/arm64-apple-darwin-codesigned/bitcoin-46e44a35b858/bin/bitcoind 
    Executable=/Users/matthewzipkin/Desktop/work/bitcoin/guix-build-46e44a35b858/output/arm64-apple-darwin/arm64-apple-darwin-codesigned/bitcoin-46e44a35b858/bin/bitcoind
    Identifier=bitcoind
    Format=Mach-O thin (arm64)
    CodeDirectory v=20500 size=23284 flags=0x10000(runtime) hashes=722+2 location=embedded
    VersionPlatform=1
    VersionMin=851968
    VersionSDK=917504
    Hash type=sha256 size=32
    CandidateCDHash sha256=530f57819a0cd018bee3712eed759e5abe6f3122
    CandidateCDHashFull sha256=530f57819a0cd018bee3712eed759e5abe6f31228ef865bd7ee6dc81c47f248b
    Hash choices=sha256
    CMSDigest=530f57819a0cd018bee3712eed759e5abe6f31228ef865bd7ee6dc81c47f248b
    CMSDigestType=2
    Page size=16384
    CDHash=530f57819a0cd018bee3712eed759e5abe6f3122
    Signature size=9008
    Authority=Developer ID Application: Bitcoin Core Code Signing Association (YZC7WH3MRU)
    Authority=Developer ID Certification Authority
    Authority=Apple Root CA
    Timestamp=Feb 11, 2025 at 3:59:43 PM
    Info.plist=not bound
    TeamIdentifier=YZC7WH3MRU
    Runtime Version=14.0.0
    Sealed Resources=none
    Internal requirements count=1 size=104
    

30. 
    achow101 commented at 1:25 AM on February 12, 2025: member

    Windows code signature: signature-win.tar.gz

    It looks like I have a mismatch.

    $ find guix-build-46e44a35b858/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
    c92e7d0b4d0d1f929bfe8d61e15a953738725d530fc64eb936634571c17936b7  guix-build-46e44a35b858/output/aarch64-linux-gnu/SHA256SUMS.part
    ad3992a66f9de8039cabbc9f222f7369f8002fc5350a01b03a3194d574100770  guix-build-46e44a35b858/output/aarch64-linux-gnu/bitcoin-46e44a35b858-aarch64-linux-gnu-debug.tar.gz
    e009fd02c2cc0db9031570ef32b36fa9e16194759ccbca35f3a8f8dacd0d30b2  guix-build-46e44a35b858/output/aarch64-linux-gnu/bitcoin-46e44a35b858-aarch64-linux-gnu.tar.gz
    a5ad882af28fe5fbdd8cc5d2267ef93ec34bd374e6cde92b798312014d11d47e  guix-build-46e44a35b858/output/arm-linux-gnueabihf/SHA256SUMS.part
    b736932c664a8799930e9ed308f318d5911aee2ef8e708ea0467cd89b859d898  guix-build-46e44a35b858/output/arm-linux-gnueabihf/bitcoin-46e44a35b858-arm-linux-gnueabihf-debug.tar.gz
    c03b4391dedbdbf3a32a1ec7b75193cbbc01dd2ef85e562fbc8eba26039158a3  guix-build-46e44a35b858/output/arm-linux-gnueabihf/bitcoin-46e44a35b858-arm-linux-gnueabihf.tar.gz
    04fbb5179da959e496596c1304a8a14ab4ed198b25dcf4abc62ec7dbaa1ba6a0  guix-build-46e44a35b858/output/arm64-apple-darwin-codesigned/SHA256SUMS.part
    250ba8b070da5fbdba7010c5a8ef135b422dd6ca5c408b000b1184b5b5bcfa17  guix-build-46e44a35b858/output/arm64-apple-darwin-codesigned/bitcoin-46e44a35b858-arm64-apple-darwin.tar.gz
    787fd1bd670ce5b903d174ee715a532365c8cc426278020877ef1616c8befa57  guix-build-46e44a35b858/output/arm64-apple-darwin-codesigned/bitcoin-46e44a35b858-arm64-apple-darwin.zip
    bd11279800610b70a1feed4451d9fa3a137ed75f26c794363c5ef82d820c592e  guix-build-46e44a35b858/output/arm64-apple-darwin/SHA256SUMS.part
    3a911d1a009222c042a84864dccd58462ce3167ea5f407830bf98d370fa356e4  guix-build-46e44a35b858/output/arm64-apple-darwin/bitcoin-46e44a35b858-arm64-apple-darwin-codesigning.tar.gz
    2b1c4d096f27ae2a650ce3fe954304c53bb51b7ddac5dd533cabcc862a75f684  guix-build-46e44a35b858/output/arm64-apple-darwin/bitcoin-46e44a35b858-arm64-apple-darwin-unsigned.tar.gz
    18c4fe6b004b0b9685671d1a60b146ce00bafe47591ff337ad3af08d8ea55e42  guix-build-46e44a35b858/output/arm64-apple-darwin/bitcoin-46e44a35b858-arm64-apple-darwin-unsigned.zip
    2927af1efc846fff95b18e0411d6e40f26777e1a86a63023dfd56e6b984aedac  guix-build-46e44a35b858/output/dist-archive/bitcoin-46e44a35b858-codesignatures-5d627c88c523.tar.gz
    e920044a3cf85974b337a5a7e13c35cf8633d5083cb9ab8ba46c3b0f24019a1c  guix-build-46e44a35b858/output/dist-archive/bitcoin-46e44a35b858.tar.gz
    89a4bae02f17b261887dbbc6196d590e0900a83a7d5e3fb4ec747457bd031bb3  guix-build-46e44a35b858/output/powerpc64-linux-gnu/SHA256SUMS.part
    158bba9ccf1c7400a8ce6d32a81df606a05ff1ae6bc63f84a66f7e1eafac8bfd  guix-build-46e44a35b858/output/powerpc64-linux-gnu/bitcoin-46e44a35b858-powerpc64-linux-gnu-debug.tar.gz
    1660a1dadc56b2e8c1c77f5534ffd4e1b3a020d6cb7764461e0e58af1846406c  guix-build-46e44a35b858/output/powerpc64-linux-gnu/bitcoin-46e44a35b858-powerpc64-linux-gnu.tar.gz
    3bc7d8eee5240d2301df4eed1d55605e01f9cb72acbbaa217fed9c0a581ef0c8  guix-build-46e44a35b858/output/riscv64-linux-gnu/SHA256SUMS.part
    7011c630f296440c0f964f341bf0e5037ed46955eb2e6dc5d07502c758e41766  guix-build-46e44a35b858/output/riscv64-linux-gnu/bitcoin-46e44a35b858-riscv64-linux-gnu-debug.tar.gz
    9523d9f7bba2c7392cfe2c559d62d8be10a0011f6c8bc0633248ed8152dc1635  guix-build-46e44a35b858/output/riscv64-linux-gnu/bitcoin-46e44a35b858-riscv64-linux-gnu.tar.gz
    71e501ec189b3d561f6f07d52b6ec3ab28eba81600a8ebbde9437a13ce8818dc  guix-build-46e44a35b858/output/x86_64-apple-darwin/SHA256SUMS.part
    ccbb4b94720896282ecc6f1a7a4ad8a2de05262b71abbe32bd48ac83bd41f666  guix-build-46e44a35b858/output/x86_64-apple-darwin/bitcoin-46e44a35b858-x86_64-apple-darwin-codesigning.tar.gz
    c2125e67f68fc5c1c5d1bb835e7ef886a2025a59a5476173bc511646c48ef7cb  guix-build-46e44a35b858/output/x86_64-apple-darwin/bitcoin-46e44a35b858-x86_64-apple-darwin-unsigned.tar.gz
    45cc411f916e6ba617875d30494c8baa6e7974c82b0652449f3422009ff7ca28  guix-build-46e44a35b858/output/x86_64-apple-darwin/bitcoin-46e44a35b858-x86_64-apple-darwin-unsigned.zip
    8396003dddb143fe8e08634bd3fffe6088a6edf82def1f0361d0090e9430bbfd  guix-build-46e44a35b858/output/x86_64-linux-gnu/SHA256SUMS.part
    d2fad841094103b4cc3cf2976a743e662956054dba591abd3bbe8be11847d0a8  guix-build-46e44a35b858/output/x86_64-linux-gnu/bitcoin-46e44a35b858-x86_64-linux-gnu-debug.tar.gz
    514ea670e6facefc08d6972b768a4cbdb298b4cf3d9dbaa488ff6a5dce1290df  guix-build-46e44a35b858/output/x86_64-linux-gnu/bitcoin-46e44a35b858-x86_64-linux-gnu.tar.gz
    61f7b6847c48bad5a750f591f3a786b5a41a5812240e6f6f79e8643650ae5211  guix-build-46e44a35b858/output/x86_64-w64-mingw32-codesigned/SHA256SUMS.part
    d3476edbe604a417d1428110ec63c08ace43c0e1b245b4bcbae86ac17ffb2df2  guix-build-46e44a35b858/output/x86_64-w64-mingw32-codesigned/bitcoin-46e44a35b858-win64-setup.exe
    9c951956534b39b98ffe32183462c41984eeb872c96dbc9ee4ed1d01ce5effdb  guix-build-46e44a35b858/output/x86_64-w64-mingw32-codesigned/bitcoin-46e44a35b858-win64.zip
    77e0993c4a93076583f9a90bfac8afb92770363dc624745659339c6a0335497f  guix-build-46e44a35b858/output/x86_64-w64-mingw32/SHA256SUMS.part
    388d2eb388392b5d234ed72fd93ac393e55c2b3c76a5c2796d1c54921c469b7f  guix-build-46e44a35b858/output/x86_64-w64-mingw32/bitcoin-46e44a35b858-win64-codesigning.tar.gz
    21829ed3fd887adf9e4ae337189c984f2b4f91e76d8bf57f644c9d6f600968c4  guix-build-46e44a35b858/output/x86_64-w64-mingw32/bitcoin-46e44a35b858-win64-debug.zip
    184eef2b7fc6eb72f0578b510b817775615474b81b359de4ab0769c009faf75b  guix-build-46e44a35b858/output/x86_64-w64-mingw32/bitcoin-46e44a35b858-win64-setup-unsigned.exe
    08841a37cd886a94553acc723a0e3343dd8e00e7b3dd00169ac8eb1a84b03b46  guix-build-46e44a35b858/output/x86_64-w64-mingw32/bitcoin-46e44a35b858-win64-unsigned.zip
    

    Could someone else do a codesigned build so we can compare?

    ---

    @pinheadmz @fanquake Could one of you also make a x86_64 MacOS codesignature?

31. guix: Rename unsigned.tar.gz to codesigning.tar.gz

    The tarballs used for codesigning are more than merely unsigned, they
    also contain scripts and other data for codesigning. Rename them to
    codesigning.tar.gz to distinguish from tarballs containing actually just
    the unsigned binaries.

    c214e5268f
32. guix: Rename MacOS binaries to unsigned.tar.gz

    The MacOS binaries are unsigned and therefore also unusable on MacOS.
    Indicate as such by naming the tarball "unsigned".

    d9d49cd533
33. guix: Rename Windows unsigned binaries to unsigned.zip

    As codesigned binaries will be published, the unsigned ones should be
    clearly marked as such.

    4e5c9ceb9d
34. build: Include all MacOS binaries for codesigning dd4ec840ee
35. build: Include all Windows binaries for codesigning e8b3c44da6
36. achow101 force-pushed on Feb 12, 2025
37. 
    achow101 commented at 1:48 AM on February 12, 2025: member

    I believe I identified the non-determinism, pushed a fix for that.

38. 
    achow101 commented at 2:31 AM on February 12, 2025: member

    Windows code signature for 096525e92cc2f5a4318bae13cedd2cf36b928d5f: signature-win.tar.gz

    Non-Codesigned guix hashes

    $ find guix-build-096525e92cc2/output -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
    bff1786e0fe30ac2c70eb8abd39af1764eff33aef98c92cccd74b70db0cf63d8  guix-build-096525e92cc2/output/aarch64-linux-gnu/SHA256SUMS.part
    d7308491e32e076f40e58aaa9092ceae8a16b39e66937af72bdc8b879164f304  guix-build-096525e92cc2/output/aarch64-linux-gnu/bitcoin-096525e92cc2-aarch64-linux-gnu-debug.tar.gz
    0351c42b5adf4759fd8441feb9da561d9066bbbb030d47ffa33b30eba6e9d247  guix-build-096525e92cc2/output/aarch64-linux-gnu/bitcoin-096525e92cc2-aarch64-linux-gnu.tar.gz
    b37a5e594354549e08d779d2e67cc2d11dd9b8a2356d8cb4ebf8cc42467b5c50  guix-build-096525e92cc2/output/arm-linux-gnueabihf/SHA256SUMS.part
    9a4f902ff10ff24944a314708e59394033e72eb4bfbbacafe0bb4c74f0079be4  guix-build-096525e92cc2/output/arm-linux-gnueabihf/bitcoin-096525e92cc2-arm-linux-gnueabihf-debug.tar.gz
    15f2575345370655a0e5c57ffed9f388999f9795f77ac34e99b68a86116ba721  guix-build-096525e92cc2/output/arm-linux-gnueabihf/bitcoin-096525e92cc2-arm-linux-gnueabihf.tar.gz
    7061af7740406c76b1e942a0b3ba03df1e567b39d05032fea0bf56c20e79b456  guix-build-096525e92cc2/output/arm64-apple-darwin/SHA256SUMS.part
    9ac6138dc86f40b92f83d571b44d0996e3fca52d5a2ae670ed4ed3978c668695  guix-build-096525e92cc2/output/arm64-apple-darwin/bitcoin-096525e92cc2-arm64-apple-darwin-codesigning.tar.gz
    30b530f4982119c135b3667987423b3993e42e925ebb34a74b0e15b7180cad4e  guix-build-096525e92cc2/output/arm64-apple-darwin/bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.tar.gz
    2b08474b102d654b1a2e68989d73d108b3c3484d49a1fa2b214287ff28b7abd8  guix-build-096525e92cc2/output/arm64-apple-darwin/bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.zip
    504608f78dc2be04bda41dc212d3cbb09afd270485884b03b426ad596b4b3611  guix-build-096525e92cc2/output/dist-archive/bitcoin-096525e92cc2.tar.gz
    71d6fb70f108b3ad9e602a48962697ddba4c4c063509181634bc2d8ca6f8e0bf  guix-build-096525e92cc2/output/powerpc64-linux-gnu/SHA256SUMS.part
    d7a111456b3d3ed3131c8e0242906742e59aa1143fe3106037d159d39d37e7ef  guix-build-096525e92cc2/output/powerpc64-linux-gnu/bitcoin-096525e92cc2-powerpc64-linux-gnu-debug.tar.gz
    c4d06c303dfd858bf0eda294e8bbcf4f3f0ce9bb011df6745afa74be3f3eb615  guix-build-096525e92cc2/output/powerpc64-linux-gnu/bitcoin-096525e92cc2-powerpc64-linux-gnu.tar.gz
    48bb69da2f4544fe538e8dea8b321bf22dfdcccc67a5c2219e9f014090fdac71  guix-build-096525e92cc2/output/riscv64-linux-gnu/SHA256SUMS.part
    b24748afc5bf792aab5ecf4d33fdcf8802c943011de386b5689943ef586d1f7b  guix-build-096525e92cc2/output/riscv64-linux-gnu/bitcoin-096525e92cc2-riscv64-linux-gnu-debug.tar.gz
    54207d89d1db350f54db43c124f52ea06d099dba06480f292b95c65492ac0c09  guix-build-096525e92cc2/output/riscv64-linux-gnu/bitcoin-096525e92cc2-riscv64-linux-gnu.tar.gz
    0b2a78b82c3c64d4e9dc4323581b2d2472f938dbf00726ab324c3b78534273b2  guix-build-096525e92cc2/output/x86_64-apple-darwin/SHA256SUMS.part
    9eb6801b9d5bfea3ae9da78213f940fb46d95e444ef59c5104f5a52ad5649b0c  guix-build-096525e92cc2/output/x86_64-apple-darwin/bitcoin-096525e92cc2-x86_64-apple-darwin-codesigning.tar.gz
    d2871b137d4604751071a3d292d9a4907ab686e0d5caddd70339184ba1e01432  guix-build-096525e92cc2/output/x86_64-apple-darwin/bitcoin-096525e92cc2-x86_64-apple-darwin-unsigned.tar.gz
    4d02ea03f8419e91f2ba4511e05d1745eccfe2465ee316830155edaa772707c5  guix-build-096525e92cc2/output/x86_64-apple-darwin/bitcoin-096525e92cc2-x86_64-apple-darwin-unsigned.zip
    af8ad1cfec48a5ebf202d72f931929bfea9d0343197b8e849f69075de2f5d170  guix-build-096525e92cc2/output/x86_64-linux-gnu/SHA256SUMS.part
    9cc51c4116fa0ee5f0305655a7a4ac84eb881a1a33952b6612bd8855fbe4e903  guix-build-096525e92cc2/output/x86_64-linux-gnu/bitcoin-096525e92cc2-x86_64-linux-gnu-debug.tar.gz
    f4f17391172b15ce57886e55e10e5d8b71729edcc68f9937e45e20b8fdbced13  guix-build-096525e92cc2/output/x86_64-linux-gnu/bitcoin-096525e92cc2-x86_64-linux-gnu.tar.gz
    685edc8de33aa04a0efd956a511ef968957cf6f0a40f0dffea01b6736824b97d  guix-build-096525e92cc2/output/x86_64-w64-mingw32/SHA256SUMS.part
    2432dac2e2a366f078cf3629e47501dd35ffd63814e764e241fbfcf9915b22be  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-codesigning.tar.gz
    01693e18af845e1c55f0fa60d763fd94d9a2b6d8c876b84c7d1bd592fe9904d0  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-debug.zip
    76d645f644ab987c1b68b71001a7af24d823deb96cce657a0af06be0afbcb129  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-setup-unsigned.exe
    0d9e3e12f89f892dcd2ba0d818ddb28938f1baaafae9a3f884a358ad23ff3aa4  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-unsigned.zip
    

    Windows code signed hashes

    $ find guix-build-096525e92cc2/output -wholename "*codesigned*" -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
    588d29b9259aa65684cdf868e7e7deef2c5aee0f1355f8dfaa2fd34aaf3b9eab  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/SHA256SUMS.part
    404261ab457c31e13511e1268b63e926cc4bed2b8dbcf8ab7d22d4e4fbb423c0  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64-setup.exe
    1c6ff7dfd0f410065032cfaa10090842f90ca08e7bb8930a157f54a241195927  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64.zip
    

39. 
    pinheadmz commented at 2:42 AM on February 12, 2025: member

    New sigs for 096525e92cc2f5a4318bae13cedd2cf36b928d5f:

    signature-osx-arm64.tar.gz

    signature-osx-x86_64.tar.gz

    All osx

    
    111016205f0a2ac732feb934acb3e8a36d5251f119d8fa9215790310ba46c31d  bitcoin-096525e92cc2-arm64-apple-darwin.tar.gz
    a1228ddcb27fc5802ff5cab8f99026286070b4938aba08982f8e49d8e01b49cf  bitcoin-096525e92cc2-arm64-apple-darwin.zip
    9ac6138dc86f40b92f83d571b44d0996e3fca52d5a2ae670ed4ed3978c668695  bitcoin-096525e92cc2-arm64-apple-darwin-codesigning.tar.gz
    30b530f4982119c135b3667987423b3993e42e925ebb34a74b0e15b7180cad4e  bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.tar.gz
    2b08474b102d654b1a2e68989d73d108b3c3484d49a1fa2b214287ff28b7abd8  bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.zip
    52ac4e8dff12a625a263641c3b921326cf48f0759e6cd35a08131a672043c01e  bitcoin-096525e92cc2-codesignatures-318c01f40794.tar.gz
    504608f78dc2be04bda41dc212d3cbb09afd270485884b03b426ad596b4b3611  bitcoin-096525e92cc2.tar.gz
    6afec5020c65f602a8028e5fd1b42d196f04805c2240c56565400d750abe97f5  bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz
    c39372f58828349008a4d66d493a7e1b23668cbe1af807aa39888ca24928e599  bitcoin-096525e92cc2-x86_64-apple-darwin.zip
    9eb6801b9d5bfea3ae9da78213f940fb46d95e444ef59c5104f5a52ad5649b0c  bitcoin-096525e92cc2-x86_64-apple-darwin-codesigning.tar.gz
    d2871b137d4604751071a3d292d9a4907ab686e0d5caddd70339184ba1e01432  bitcoin-096525e92cc2-x86_64-apple-darwin-unsigned.tar.gz
    4d02ea03f8419e91f2ba4511e05d1745eccfe2465ee316830155edaa772707c5  bitcoin-096525e92cc2-x86_64-apple-darwin-unsigned.zip
    

40. 
    achow101 commented at 2:58 AM on February 12, 2025: member

    Looks like everything matches:

    $ find guix-build-096525e92cc2/output -wholename "*codesigned*" -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
    b329c253e4c791d5622adc16ed0c06759ce29309e7d72221c76de4becb58b409  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/SHA256SUMS.part
    111016205f0a2ac732feb934acb3e8a36d5251f119d8fa9215790310ba46c31d  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/bitcoin-096525e92cc2-arm64-apple-darwin.tar.gz
    a1228ddcb27fc5802ff5cab8f99026286070b4938aba08982f8e49d8e01b49cf  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/bitcoin-096525e92cc2-arm64-apple-darwin.zip
    a24460628df8d6df547acbbfd74bd74aafc40ebc689d26ae9956f7ab0f9326e8  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/SHA256SUMS.part
    6afec5020c65f602a8028e5fd1b42d196f04805c2240c56565400d750abe97f5  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz
    c39372f58828349008a4d66d493a7e1b23668cbe1af807aa39888ca24928e599  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.zip
    

41. 
    Sjors commented at 9:04 AM on February 12, 2025: member

    I'm unable to apply the code signatures. E.g. for arm64:

    HOSTS="arm64-apple-darwin" ./contrib/guix/guix-codesign 
    Checking that we can connect to the guix-daemon...
    
    Hint: If this hangs, you may want to try turning your guix-daemon off and on
          again.
    
    INFO: Codesigning 096525e92cc2 for platform triple arm64-apple-darwin:
          ...using reference timestamp: 1733177891
          ...from worktree directory: '/home/sjors/bitcoin'
              ...bind-mounted in container to: '/bitcoin'
          ...in build directory: '/home/sjors/bitcoin/guix-build-096525e92cc2/distsrc-096525e92cc2-arm64-apple-darwin-codesigned'
              ...bind-mounted in container to: '/distsrc-base/distsrc-096525e92cc2-arm64-apple-darwin-codesigned'
          ...outputting in: '/home/sjors/bitcoin/guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned'
              ...bind-mounted in container to: '/outdir-base/arm64-apple-darwin-codesigned'
          ...using detached signatures in: '/home/sjors/bitcoin-detached-sigs'
              ...bind-mounted in container to: '/detached-sigs'
    Required environment variables as seen inside the container:
        CODESIGNING_TARBALL: /outdir-base/arm64-apple-darwin/bitcoin-096525e92cc2-arm64-apple-darwin-codesigning.tar.gz
        DETACHED_SIGS_REPO: /detached-sigs
        DIST_ARCHIVE_BASE: /outdir-base/dist-archive
        DISTNAME: bitcoin-096525e92cc2
        HOST: arm64-apple-darwin
        SOURCE_DATE_EPOCH: 1733177891
        DISTSRC: /distsrc-base/distsrc-096525e92cc2-arm64-apple-darwin-codesigned
        OUTDIR: /outdir-base/arm64-apple-darwin-codesigned
    Traceback (most recent call last):
      File "/gnu/store/jh33r2k4x0kakg4apbb2id0w8xmjxbxk-python-signapple-0.2.0-1.a9bf003/bin/.signapple-real", line 5, in <module>
        sys.exit (mod.main ())
      File "/gnu/store/jh33r2k4x0kakg4apbb2id0w8xmjxbxk-python-signapple-0.2.0-1.a9bf003/lib/python3.10/site-packages/signapple/__init__.py", line 191, in main
        args.func(args)
      File "/gnu/store/jh33r2k4x0kakg4apbb2id0w8xmjxbxk-python-signapple-0.2.0-1.a9bf003/lib/python3.10/site-packages/signapple/__init__.py", line 38, in apply
        ret = apply_sig(args.filename, args.sig)
      File "/gnu/store/jh33r2k4x0kakg4apbb2id0w8xmjxbxk-python-signapple-0.2.0-1.a9bf003/lib/python3.10/site-packages/signapple/sign.py", line 1176, in apply_sig
        shutil.copyfile(sig_file_path, file_out_path)
      File "/gnu/store/yvcl464i2vxpcq67xqhvmlkpgfbgibhb-python-3.10.7/lib/python3.10/shutil.py", line 254, in copyfile
        with open(src, 'rb') as fsrc:
    FileNotFoundError: [Errno 2] No such file or directory: 'codesignatures/osx/arm64-apple-darwin/dist/Bitcoin-Qt.app/'
    

    I put the mac and windows archives in bitcoin-detached-sigs and extractd them with tar xf, which looks like this:

    Untracked files:
      (use "git add <file>..." to include in what will be committed)
    	osx/arm64-apple-darwin/
    	osx/x86_64-apple-darwin/
    	win/bitcoin-096525e92cc2-win64-setup-unsigned.exe.pem
    	win/bitcoin-096525e92cc2/
    

    It might be easier to have a tag or commit on that repo to checkout.

42. in contrib/guix/manifest.scm:18 in 096525e92c outdated

      14 | @@ -15,13 +15,14 @@
      15 |               (gnu packages mingw)
      16 |               (gnu packages pkg-config)
      17 |               ((gnu packages python) #:select (python-minimal))
      18 | -             ((gnu packages python-build) #:select (python-tomli))
      19 | +             ((gnu packages python-build) #:select (python-tomli python-poetry-core))
    

    ---

    ---

    

    fanquake commented at 9:54 AM on February 12, 2025:

    Do these new dependencies change what is needed for a no-substitutes/boostrap build?

    ---

    

    achow101 commented at 5:16 PM on February 12, 2025:

    Other than the dependency itself, I don't think so. The pypropject-build-system is part of python itself, and IIRC python-poetry-core is pure python as well with no dependencies.

43. 
    pinheadmz commented at 11:26 AM on February 12, 2025: member

    @Sjors does this help? https://github.com/pinheadmz/bitcoin-detached-sigs/tree/achow101-macos-notarization-096525e92cc2

44. 
    fanquake commented at 1:46 PM on February 12, 2025: member

    Looks like everything matches:

    I've run a build, but don't yet see everything matching:

    find guix-build-096525e92cc2/output -wholename "*codesigned*" -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
    207621cdc43868870f4136e9e6784a2a3e9ba89ec1edc6fa92b315cfa3c4432c  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/SHA256SUMS.part
    111016205f0a2ac732feb934acb3e8a36d5251f119d8fa9215790310ba46c31d  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/bitcoin-096525e92cc2-arm64-apple-darwin.tar.gz
    a1228ddcb27fc5802ff5cab8f99026286070b4938aba08982f8e49d8e01b49cf  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/bitcoin-096525e92cc2-arm64-apple-darwin.zip
    43ba7f6be694c1dd60aace1b222dd423e75607483b8933e598412f32f6ae3355  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/SHA256SUMS.part
    6afec5020c65f602a8028e5fd1b42d196f04805c2240c56565400d750abe97f5  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz
    c39372f58828349008a4d66d493a7e1b23668cbe1af807aa39888ca24928e599  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.zip
    344faf4f5431a5326900d2361ba70fbf93ec07cee808f5f7f83f10b64da93d26  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/SHA256SUMS.part
    404261ab457c31e13511e1268b63e926cc4bed2b8dbcf8ab7d22d4e4fbb423c0  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64-setup.exe
    1c6ff7dfd0f410065032cfaa10090842f90ca08e7bb8930a157f54a241195927  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64.zip
    

45. 
    Sjors commented at 1:56 PM on February 12, 2025: member

    @pinheadmz yes that did the trick.

    When running code sign I do get lots of warnings:

    WARNING: Part of the file was not parsed: 4332 bytes
    

    I get the same hashes as @fanquake (built on Ubuntu VM running on an M4 MacBook Pro in Qemu / UTM).

46. 
    willcl-ark commented at 1:56 PM on February 12, 2025: member

    I have also finished a build, using pinheadmz signatures from https://github.com/pinheadmz/bitcoin-detached-sigs/tree/achow101-macos-notarization-096525e92cc2?rgh-link-date=2025-02-12T11%3A26%3A00Z

    and get:

    $ find guix-build-096525e92cc2/output -wholename "*codesigned*" -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
    207621cdc43868870f4136e9e6784a2a3e9ba89ec1edc6fa92b315cfa3c4432c  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/SHA256SUMS.part
    111016205f0a2ac732feb934acb3e8a36d5251f119d8fa9215790310ba46c31d  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/bitcoin-096525e92cc2-arm64-apple-darwin.tar.gz
    a1228ddcb27fc5802ff5cab8f99026286070b4938aba08982f8e49d8e01b49cf  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/bitcoin-096525e92cc2-arm64-apple-darwin.zip
    43ba7f6be694c1dd60aace1b222dd423e75607483b8933e598412f32f6ae3355  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/SHA256SUMS.part
    6afec5020c65f602a8028e5fd1b42d196f04805c2240c56565400d750abe97f5  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz
    c39372f58828349008a4d66d493a7e1b23668cbe1af807aa39888ca24928e599  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.zip
    344faf4f5431a5326900d2361ba70fbf93ec07cee808f5f7f83f10b64da93d26  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/SHA256SUMS.part
    404261ab457c31e13511e1268b63e926cc4bed2b8dbcf8ab7d22d4e4fbb423c0  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64-setup.exe
    1c6ff7dfd0f410065032cfaa10090842f90ca08e7bb8930a157f54a241195927  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64.zip
    

47. 
    pinheadmz commented at 3:34 PM on February 12, 2025: member

    all.SHA256SUMS as of 096525e92cc2

    
    d7308491e32e076f40e58aaa9092ceae8a16b39e66937af72bdc8b879164f304  bitcoin-096525e92cc2-aarch64-linux-gnu-debug.tar.gz
    0351c42b5adf4759fd8441feb9da561d9066bbbb030d47ffa33b30eba6e9d247  bitcoin-096525e92cc2-aarch64-linux-gnu.tar.gz
    9a4f902ff10ff24944a314708e59394033e72eb4bfbbacafe0bb4c74f0079be4  bitcoin-096525e92cc2-arm-linux-gnueabihf-debug.tar.gz
    15f2575345370655a0e5c57ffed9f388999f9795f77ac34e99b68a86116ba721  bitcoin-096525e92cc2-arm-linux-gnueabihf.tar.gz
    111016205f0a2ac732feb934acb3e8a36d5251f119d8fa9215790310ba46c31d  bitcoin-096525e92cc2-arm64-apple-darwin.tar.gz
    a1228ddcb27fc5802ff5cab8f99026286070b4938aba08982f8e49d8e01b49cf  bitcoin-096525e92cc2-arm64-apple-darwin.zip
    9ac6138dc86f40b92f83d571b44d0996e3fca52d5a2ae670ed4ed3978c668695  bitcoin-096525e92cc2-arm64-apple-darwin-codesigning.tar.gz
    30b530f4982119c135b3667987423b3993e42e925ebb34a74b0e15b7180cad4e  bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.tar.gz
    2b08474b102d654b1a2e68989d73d108b3c3484d49a1fa2b214287ff28b7abd8  bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.zip
    a3945e66a68c125d1322abfb6f25e14f2b73ab90c9c57cd84c34757d2983a326  bitcoin-096525e92cc2-codesignatures-5c160ce1a3fb.tar.gz
    504608f78dc2be04bda41dc212d3cbb09afd270485884b03b426ad596b4b3611  bitcoin-096525e92cc2.tar.gz
    d7a111456b3d3ed3131c8e0242906742e59aa1143fe3106037d159d39d37e7ef  bitcoin-096525e92cc2-powerpc64-linux-gnu-debug.tar.gz
    c4d06c303dfd858bf0eda294e8bbcf4f3f0ce9bb011df6745afa74be3f3eb615  bitcoin-096525e92cc2-powerpc64-linux-gnu.tar.gz
    b24748afc5bf792aab5ecf4d33fdcf8802c943011de386b5689943ef586d1f7b  bitcoin-096525e92cc2-riscv64-linux-gnu-debug.tar.gz
    54207d89d1db350f54db43c124f52ea06d099dba06480f292b95c65492ac0c09  bitcoin-096525e92cc2-riscv64-linux-gnu.tar.gz
    6afec5020c65f602a8028e5fd1b42d196f04805c2240c56565400d750abe97f5  bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz
    c39372f58828349008a4d66d493a7e1b23668cbe1af807aa39888ca24928e599  bitcoin-096525e92cc2-x86_64-apple-darwin.zip
    9eb6801b9d5bfea3ae9da78213f940fb46d95e444ef59c5104f5a52ad5649b0c  bitcoin-096525e92cc2-x86_64-apple-darwin-codesigning.tar.gz
    d2871b137d4604751071a3d292d9a4907ab686e0d5caddd70339184ba1e01432  bitcoin-096525e92cc2-x86_64-apple-darwin-unsigned.tar.gz
    4d02ea03f8419e91f2ba4511e05d1745eccfe2465ee316830155edaa772707c5  bitcoin-096525e92cc2-x86_64-apple-darwin-unsigned.zip
    9cc51c4116fa0ee5f0305655a7a4ac84eb881a1a33952b6612bd8855fbe4e903  bitcoin-096525e92cc2-x86_64-linux-gnu-debug.tar.gz
    f4f17391172b15ce57886e55e10e5d8b71729edcc68f9937e45e20b8fdbced13  bitcoin-096525e92cc2-x86_64-linux-gnu.tar.gz
    404261ab457c31e13511e1268b63e926cc4bed2b8dbcf8ab7d22d4e4fbb423c0  bitcoin-096525e92cc2-win64-setup.exe
    1c6ff7dfd0f410065032cfaa10090842f90ca08e7bb8930a157f54a241195927  bitcoin-096525e92cc2-win64.zip
    2432dac2e2a366f078cf3629e47501dd35ffd63814e764e241fbfcf9915b22be  bitcoin-096525e92cc2-win64-codesigning.tar.gz
    01693e18af845e1c55f0fa60d763fd94d9a2b6d8c876b84c7d1bd592fe9904d0  bitcoin-096525e92cc2-win64-debug.zip
    76d645f644ab987c1b68b71001a7af24d823deb96cce657a0af06be0afbcb129  bitcoin-096525e92cc2-win64-setup-unsigned.exe
    0d9e3e12f89f892dcd2ba0d818ddb28938f1baaafae9a3f884a358ad23ff3aa4  bitcoin-096525e92cc2-win64-unsigned.zip
    
    

48. 
    achow101 commented at 5:19 PM on February 12, 2025: member

    I'm unable to apply the code signatures. E.g. for arm64:

    They need to be committed (locally, committed by anyone with any message).

    I've run a build, but don't yet see everything matching:

    It looks like the binaries match, but not the SHA256SUMS.part files.

49. 
    achow101 commented at 5:27 PM on February 12, 2025: member

    I've run a build, but don't yet see everything matching:

    It looks like the binaries match, but not the SHA256SUMS.part files.

    Ah, I think it's probably that the bitcoin-096525e92cc2-codesignatures-<commit>.tar.gz file is the one that's different in the SHA256SUMS.part files as I did not use the same codesignatures commit that @pinheadmz made. I was untarring and committing the signatures into my local repos.

50. 
    achow101 commented at 5:57 PM on February 12, 2025: member

    Rebuilt with @pinheadmz's committed sigs

    $ find guix-build-096525e92cc2/output -wholename "*codesigned*" -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
    207621cdc43868870f4136e9e6784a2a3e9ba89ec1edc6fa92b315cfa3c4432c  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/SHA256SUMS.part
    111016205f0a2ac732feb934acb3e8a36d5251f119d8fa9215790310ba46c31d  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/bitcoin-096525e92cc2-arm64-apple-darwin.tar.gz
    a1228ddcb27fc5802ff5cab8f99026286070b4938aba08982f8e49d8e01b49cf  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/bitcoin-096525e92cc2-arm64-apple-darwin.zip
    43ba7f6be694c1dd60aace1b222dd423e75607483b8933e598412f32f6ae3355  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/SHA256SUMS.part
    6afec5020c65f602a8028e5fd1b42d196f04805c2240c56565400d750abe97f5  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz
    c39372f58828349008a4d66d493a7e1b23668cbe1af807aa39888ca24928e599  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.zip
    344faf4f5431a5326900d2361ba70fbf93ec07cee808f5f7f83f10b64da93d26  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/SHA256SUMS.part
    404261ab457c31e13511e1268b63e926cc4bed2b8dbcf8ab7d22d4e4fbb423c0  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64-setup.exe
    1c6ff7dfd0f410065032cfaa10090842f90ca08e7bb8930a157f54a241195927  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64.zip
    

51. 
    Sjors commented at 9:56 AM on February 13, 2025: member

    Uploading the macOS binaries here, so I can test the download flow (which in the past behaved different from the scp flow):

    • bitcoin-096525e92cc2-arm64-apple-darwin.zip
    • bitcoin-096525e92cc2-x86_64-apple-darwin.zip

    ---

    I was able to run the downloaded zip on an macOS 15.3 (M4) without issue. I was also able to use all the binaries in the tar archive without having to self-sign them.

    Will try Intel Mac and Windows this weekend if no-one else gets a chance first.

52. glozow requested review from willcl-ark on Feb 13, 2025
53. glozow requested review from darosior on Feb 13, 2025
54. glozow requested review from stickies-v on Feb 13, 2025
55. glozow requested review from davidgumberg on Feb 13, 2025
56. 
    darosior commented at 8:10 PM on February 13, 2025: member

    Thanks for the upload, i'll test the Mac ARM this weekend.

57. willcl-ark approved
58. 
    willcl-ark commented at 11:56 AM on February 14, 2025: member

    tACK 096525e92cc2f5a4318bae13cedd2cf36b928d5f

    I have not thoroughly reviewed the code changes here, but I did read through all the changes. I was more interested in verifying the result of the changes was correct.

    I tested the MacOS binaries on both an M3 and x86_64 (Intel) Macs. Of note however is the fact that the Intel Mac is 2017, and so can only run MacOS 10.13 (where 10.15 is the version giving us trouble with the new mandatory gatekeeper policies).

    With that aside I can confirm that the bins (and .app) I built and attached signatures to work without any further interaction from users on both systems.

59. DrahtBot requested review from pinheadmz on Feb 14, 2025
60. 
    willcl-ark commented at 11:57 AM on February 14, 2025: member

    I don't want to delay getting this particular PR in before 29.0, but I do wonder if we might in the future consider tidying the the guix output directory a little? Currently I see:

    $ fd -uu -e .tar.gz -e .zip -e .exe | cut -d '/' -f 2- | sort
    bitcoin-096525e92cc2-aarch64-linux-gnu-debug.tar.gz
    bitcoin-096525e92cc2-aarch64-linux-gnu.tar.gz
    bitcoin-096525e92cc2-arm64-apple-darwin-codesigning.tar.gz
    bitcoin-096525e92cc2-arm64-apple-darwin.tar.gz
    bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.tar.gz
    bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.zip
    bitcoin-096525e92cc2-arm64-apple-darwin.zip
    bitcoin-096525e92cc2-arm-linux-gnueabihf-debug.tar.gz
    bitcoin-096525e92cc2-arm-linux-gnueabihf.tar.gz
    bitcoin-096525e92cc2-codesignatures-5c160ce1a3fb.tar.gz
    bitcoin-096525e92cc2-powerpc64-linux-gnu-debug.tar.gz
    bitcoin-096525e92cc2-powerpc64-linux-gnu.tar.gz
    bitcoin-096525e92cc2-riscv64-linux-gnu-debug.tar.gz
    bitcoin-096525e92cc2-riscv64-linux-gnu.tar.gz
    bitcoin-096525e92cc2.tar.gz
    bitcoin-096525e92cc2-win64-codesigning.tar.gz
    bitcoin-096525e92cc2-win64-debug.zip
    bitcoin-096525e92cc2-win64-setup.exe
    bitcoin-096525e92cc2-win64-setup-unsigned.exe
    bitcoin-096525e92cc2-win64-unsigned.zip
    bitcoin-096525e92cc2-win64.zip
    bitcoin-096525e92cc2-x86_64-apple-darwin-codesigning.tar.gz
    bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz
    bitcoin-096525e92cc2-x86_64-apple-darwin-unsigned.tar.gz
    bitcoin-096525e92cc2-x86_64-apple-darwin-unsigned.zip
    bitcoin-096525e92cc2-x86_64-apple-darwin.zip
    bitcoin-096525e92cc2-x86_64-linux-gnu-debug.tar.gz
    bitcoin-096525e92cc2-x86_64-linux-gnu.tar.gz
    

    If these all appear on bitcoincore.org/bin/ then it's starting to look a bit overwhelming for a MacOS (or Windows) user to correctly select what they need.

    Perhaps, after codesigning we could prune the unsigned and codesigning dirs? This could see us reduce e.g. arm64-apple from:

    bitcoin-096525e92cc2-arm64-apple-darwin-codesigning.tar.gz
    bitcoin-096525e92cc2-arm64-apple-darwin.tar.gz
    bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.tar.gz
    bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.zip
    bitcoin-096525e92cc2-arm64-apple-darwin.zip
    

    to something more comprehend-able:

    bitcoin-096525e92cc2-arm64-apple-darwin.tar.gz
    bitcoin-096525e92cc2-arm64-apple-darwin.zip
    

    Are the *-codesigning.tar.gz and *unsigned* directories required for anything after codesigning? Or is it useful to keep them around in the guix output/distribution for another reason I haven't considered?

    I am imagining we might be able to:

    • build unsigned, and create non-codesigned signatures
    • codesign binaries, prune unneeded dirs, and create codesigned signatures
61. 
    hebasto commented at 1:24 PM on February 14, 2025: member

    Uploading the macOS binaries here, so I can test the download flow (which in the past behaved different from the scp flow):

    • bitcoin-096525e92cc2-arm64-apple-darwin.zip
    • bitcoin-096525e92cc2-x86_64-apple-darwin.zip

    Tested on macOS 15.3 (Intel):

    % shasum -a 256 bitcoin-096525e92cc2-x86_64-apple-darwin.zip 
    c39372f58828349008a4d66d493a7e1b23668cbe1af807aa39888ca24928e599  bitcoin-096525e92cc2-x86_64-apple-darwin.zip
    % unzip bitcoin-096525e92cc2-x86_64-apple-darwin.zip
    % codesign --verify --deep --strict --verbose=2 Bitcoin-Qt.app
    Bitcoin-Qt.app: valid on disk
    Bitcoin-Qt.app: satisfies its Designated Requirement
    % spctl -a -vv Bitcoin-Qt.app                                 
    Bitcoin-Qt.app: accepted
    source=Notarized Developer ID
    origin=Developer ID Application: Bitcoin Core Code Signing Association (YZC7WH3MRU)
    

62. 
    hebasto commented at 4:14 PM on February 14, 2025: member

    Tested a Windows-specific part:

    $ env HOSTS=x86_64-w64-mingw32
    $ ./contrib/guix/guix-build
    $ ./contrib/guix/guix-codesign
    $ find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
    ac50a82cb146e016d5d643460dc4ff7452a70497f2d95f76cee2bcfd82724ab6  guix-build-096525e92cc2/output/dist-archive/bitcoin-096525e92cc2-codesignatures-e252afe1296a.tar.gz
    504608f78dc2be04bda41dc212d3cbb09afd270485884b03b426ad596b4b3611  guix-build-096525e92cc2/output/dist-archive/bitcoin-096525e92cc2.tar.gz
    52fba117ef288114a9e32a6990cc421055e6b51924510b629674068edfafe5e1  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/SHA256SUMS.part
    404261ab457c31e13511e1268b63e926cc4bed2b8dbcf8ab7d22d4e4fbb423c0  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64-setup.exe
    1c6ff7dfd0f410065032cfaa10090842f90ca08e7bb8930a157f54a241195927  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64.zip
    685edc8de33aa04a0efd956a511ef968957cf6f0a40f0dffea01b6736824b97d  guix-build-096525e92cc2/output/x86_64-w64-mingw32/SHA256SUMS.part
    2432dac2e2a366f078cf3629e47501dd35ffd63814e764e241fbfcf9915b22be  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-codesigning.tar.gz
    01693e18af845e1c55f0fa60d763fd94d9a2b6d8c876b84c7d1bd592fe9904d0  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-debug.zip
    76d645f644ab987c1b68b71001a7af24d823deb96cce657a0af06be0afbcb129  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-setup-unsigned.exe
    0d9e3e12f89f892dcd2ba0d818ddb28938f1baaafae9a3f884a358ad23ff3aa4  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-unsigned.zip
    

    I'm not sure about the guix-build-096525e92cc2/output/dist-archive/bitcoin-096525e92cc2-codesignatures-e252afe1296a.tar.gz artifact in the output.

63. 
    achow101 commented at 6:00 PM on February 14, 2025: member

    If these all appear on bitcoincore.org/bin/ then it's starting to look a bit overwhelming for a MacOS (or Windows) user to correctly select what they need.

    We used to upload only the binaries, but started to upload all of the guix output because the SHA256SUMS lists all of that. Previously, if you downloaded everything for a release and then tried to verify the SHA256SUMS, it would give you an error about missing files, and we thought that might be confusing.

    I think it would be reasonable to separate the non-binary stuff to a separate directory with its own SHA256SUMS. That way, we could still upload everything, but it would be less confusing. However, it would require changes to both guix building and attesting, and to the upload process.

    Are the *-codesigning.tar.gz and *unsigned* directories required for anything after codesigning? Or is it useful to keep them around in the guix output/distribution for another reason I haven't considered?

    They are not, but they are useful for debugging and/or auditing the build process.

    I'm not sure about the guix-build-096525e92cc2/output/dist-archive/bitcoin-096525e92cc2-codesignatures-e252afe1296a.tar.gz artifact in the output.

    Not sure about it in what way?

64. 
    TheCharlatan commented at 6:23 PM on February 14, 2025: contributor

    I'm not sure about the guix-build-096525e92cc2/output/dist-archive/bitcoin-096525e92cc2-codesignatures-e252afe1296a.tar.gz artifact in the output.

    I think that has always been there?

    Can confirm that the app bundle runs fine, and I am reproducing the hashes. Are extra steps such as manual codesigning expected when running the binaries archived in output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz?

65. 
    achow101 commented at 6:26 PM on February 14, 2025: member

    Are extra steps such as manual codesigning expected when running the binaries archived in output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz?

    No, these should all be codesigned now.

66. 
    Sjors commented at 4:37 PM on February 15, 2025: member

    macOS intel is happy too, no more right-clickery.

67. luke-jr referenced this in commit 4e8c981be8 on Feb 15, 2025
68. luke-jr referenced this in commit 35aadd0343 on Feb 15, 2025
69. luke-jr referenced this in commit d8903acc31 on Feb 15, 2025
70. luke-jr referenced this in commit 1048239ca7 on Feb 15, 2025
71. 
    hebasto commented at 8:15 AM on February 16, 2025: member

    I'm not sure about the guix-build-096525e92cc2/output/dist-archive/bitcoin-096525e92cc2-codesignatures-e252afe1296a.tar.gz artifact in the output.

    Not sure about it in what way?

    Oh, I missed this comment, which resolves my concerns.

72. 
    hebasto commented at 8:42 AM on February 16, 2025: member

    Tested a Windows-specific part:

    $ env HOSTS=x86_64-w64-mingw32
    $ ./contrib/guix/guix-build
    $ ./contrib/guix/guix-codesign
    $ find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
    ac50a82cb146e016d5d643460dc4ff7452a70497f2d95f76cee2bcfd82724ab6  guix-build-096525e92cc2/output/dist-archive/bitcoin-096525e92cc2-codesignatures-e252afe1296a.tar.gz
    504608f78dc2be04bda41dc212d3cbb09afd270485884b03b426ad596b4b3611  guix-build-096525e92cc2/output/dist-archive/bitcoin-096525e92cc2.tar.gz
    52fba117ef288114a9e32a6990cc421055e6b51924510b629674068edfafe5e1  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/SHA256SUMS.part
    404261ab457c31e13511e1268b63e926cc4bed2b8dbcf8ab7d22d4e4fbb423c0  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64-setup.exe
    1c6ff7dfd0f410065032cfaa10090842f90ca08e7bb8930a157f54a241195927  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64.zip
    685edc8de33aa04a0efd956a511ef968957cf6f0a40f0dffea01b6736824b97d  guix-build-096525e92cc2/output/x86_64-w64-mingw32/SHA256SUMS.part
    2432dac2e2a366f078cf3629e47501dd35ffd63814e764e241fbfcf9915b22be  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-codesigning.tar.gz
    01693e18af845e1c55f0fa60d763fd94d9a2b6d8c876b84c7d1bd592fe9904d0  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-debug.zip
    76d645f644ab987c1b68b71001a7af24d823deb96cce657a0af06be0afbcb129  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-setup-unsigned.exe
    0d9e3e12f89f892dcd2ba0d818ddb28938f1baaafae9a3f884a358ad23ff3aa4  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-unsigned.zip
    

    I can confirm that all Windows binaries are now properly signed:

    

73. 
    hebasto commented at 10:40 AM on February 16, 2025: member

    I've redone the entire process from scratch using these signatures:

    207621cdc43868870f4136e9e6784a2a3e9ba89ec1edc6fa92b315cfa3c4432c  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/SHA256SUMS.part
    111016205f0a2ac732feb934acb3e8a36d5251f119d8fa9215790310ba46c31d  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/bitcoin-096525e92cc2-arm64-apple-darwin.tar.gz
    a1228ddcb27fc5802ff5cab8f99026286070b4938aba08982f8e49d8e01b49cf  guix-build-096525e92cc2/output/arm64-apple-darwin-codesigned/bitcoin-096525e92cc2-arm64-apple-darwin.zip
    7061af7740406c76b1e942a0b3ba03df1e567b39d05032fea0bf56c20e79b456  guix-build-096525e92cc2/output/arm64-apple-darwin/SHA256SUMS.part
    9ac6138dc86f40b92f83d571b44d0996e3fca52d5a2ae670ed4ed3978c668695  guix-build-096525e92cc2/output/arm64-apple-darwin/bitcoin-096525e92cc2-arm64-apple-darwin-codesigning.tar.gz
    30b530f4982119c135b3667987423b3993e42e925ebb34a74b0e15b7180cad4e  guix-build-096525e92cc2/output/arm64-apple-darwin/bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.tar.gz
    2b08474b102d654b1a2e68989d73d108b3c3484d49a1fa2b214287ff28b7abd8  guix-build-096525e92cc2/output/arm64-apple-darwin/bitcoin-096525e92cc2-arm64-apple-darwin-unsigned.zip
    a3945e66a68c125d1322abfb6f25e14f2b73ab90c9c57cd84c34757d2983a326  guix-build-096525e92cc2/output/dist-archive/bitcoin-096525e92cc2-codesignatures-5c160ce1a3fb.tar.gz
    504608f78dc2be04bda41dc212d3cbb09afd270485884b03b426ad596b4b3611  guix-build-096525e92cc2/output/dist-archive/bitcoin-096525e92cc2.tar.gz
    43ba7f6be694c1dd60aace1b222dd423e75607483b8933e598412f32f6ae3355  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/SHA256SUMS.part
    6afec5020c65f602a8028e5fd1b42d196f04805c2240c56565400d750abe97f5  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz
    c39372f58828349008a4d66d493a7e1b23668cbe1af807aa39888ca24928e599  guix-build-096525e92cc2/output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.zip
    0b2a78b82c3c64d4e9dc4323581b2d2472f938dbf00726ab324c3b78534273b2  guix-build-096525e92cc2/output/x86_64-apple-darwin/SHA256SUMS.part
    9eb6801b9d5bfea3ae9da78213f940fb46d95e444ef59c5104f5a52ad5649b0c  guix-build-096525e92cc2/output/x86_64-apple-darwin/bitcoin-096525e92cc2-x86_64-apple-darwin-codesigning.tar.gz
    d2871b137d4604751071a3d292d9a4907ab686e0d5caddd70339184ba1e01432  guix-build-096525e92cc2/output/x86_64-apple-darwin/bitcoin-096525e92cc2-x86_64-apple-darwin-unsigned.tar.gz
    4d02ea03f8419e91f2ba4511e05d1745eccfe2465ee316830155edaa772707c5  guix-build-096525e92cc2/output/x86_64-apple-darwin/bitcoin-096525e92cc2-x86_64-apple-darwin-unsigned.zip
    344faf4f5431a5326900d2361ba70fbf93ec07cee808f5f7f83f10b64da93d26  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/SHA256SUMS.part
    404261ab457c31e13511e1268b63e926cc4bed2b8dbcf8ab7d22d4e4fbb423c0  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64-setup.exe
    1c6ff7dfd0f410065032cfaa10090842f90ca08e7bb8930a157f54a241195927  guix-build-096525e92cc2/output/x86_64-w64-mingw32-codesigned/bitcoin-096525e92cc2-win64.zip
    685edc8de33aa04a0efd956a511ef968957cf6f0a40f0dffea01b6736824b97d  guix-build-096525e92cc2/output/x86_64-w64-mingw32/SHA256SUMS.part
    2432dac2e2a366f078cf3629e47501dd35ffd63814e764e241fbfcf9915b22be  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-codesigning.tar.gz
    01693e18af845e1c55f0fa60d763fd94d9a2b6d8c876b84c7d1bd592fe9904d0  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-debug.zip
    76d645f644ab987c1b68b71001a7af24d823deb96cce657a0af06be0afbcb129  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-setup-unsigned.exe
    0d9e3e12f89f892dcd2ba0d818ddb28938f1baaafae9a3f884a358ad23ff3aa4  guix-build-096525e92cc2/output/x86_64-w64-mingw32/bitcoin-096525e92cc2-win64-unsigned.zip
    

74. 
    hebasto commented at 7:01 PM on February 16, 2025: member

    macOS intel is happy too, no more right-clickery.

    bitcoind as well?

    Files downloaded via Safari seem to inevitably receive the com.apple.quarantine attribute. This is easily resolved for GUI applications but can be challenging for CLI tools.

75. 
    Sjors commented at 6:56 AM on February 17, 2025: member

    Tar archives, to test bitcoind (too large for Github):

    • bitcoin-096525e92cc2-arm64-apple-darwin.tar.gz
    • bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz
76. 
    Sjors commented at 7:06 AM on February 17, 2025: member

    On Apple Silicon downloading through Safari and then extracting in Finder fails:

    <img width="289" alt="arm bitcoind" src="https://github.com/user-attachments/assets/8c18ab58-ecce-4b4b-aa11-f3d48cba22b9" />

    So does downloading in Safari and then extracting using the command line with tar.

    What does work is downloading from a terminal and then extracting:

    curl -o bitcoin.tar.gz "https://download.sprovoost.nl/download.php?id=13&token=8de04067101d0748ccba9cb0e5c568cb&download"
    

    Similarly on Intel downloading through Safari it will refuse to run, but there right-click works.

    Maybe the archive itself needs to be signed?

    ---

    • just bitcoind

    ^ doesn't work either, so presumably signing the archive won't help?

    Downloads % codesign -v -vvv --strict --deep bitcoind                                                        
    bitcoind: valid on disk
    bitcoind: satisfies its Designated Requirement
    

    (also if you download bitcoind this way it won't have the x permission)

    For the next release, maybe we should just tell bitcoind users to do:

    xattr -d com.apple.quarantine bin/*
    

    That at least seems better than the current process of self-signing.

    ---

    It seems that Apple engineers sometimes do answer questions about this, so might be worth asking: https://forums.developer.apple.com/forums/thread/773755

77. 
    TheCharlatan commented at 8:13 AM on February 17, 2025: contributor

    Re #31407 (comment)

    Are extra steps such as manual codesigning expected when running the binaries archived in output/x86_64-apple-darwin-codesigned/bitcoin-096525e92cc2-x86_64-apple-darwin.tar.gz?

    No, these should all be codesigned now.

    and re #31407 (comment)

    On Apple Silicon downloading through Safari and then extracting in Finder fails: ... Similarly on Intel downloading through Safari it will refuse to run, but there right-click works.

    Same for me on my intel-based macbook, opening directly fails, right clicking and opening it solves it though.

78. 
    Sjors commented at 9:44 AM on February 17, 2025: member

    This is an interesting writeup Hurdles of macOS distribution. It suggests we shouldn't use --deep. But we only do that in macdeployqtplus for the QT .zip, which works, so no need to mess with it.

79. 
    Sjors commented at 10:22 AM on February 17, 2025: member

    It might be worth trying to notarize the binaries (instead of only the GUI bundle). This forum thread suggests it can be done by temporarily zipping them and sending them Apple in that form.

    (maybe in a followup)

80. 
    darosior commented at 3:38 PM on February 17, 2025: member

    bitcoin-096525e92cc2-arm64-apple-darwin.zip

    Tested this on a Mac M1. I could download it flawlessly through Firefox and perform most of IBD.

    I tried downloading it through Safari and likewise other reviewers i encountered an error:

    https://github.com/user-attachments/assets/4f244f13-93ba-4071-bca1-4232cb69b69e

    The system language was set to French but i guess what matters here is the error ID: -47.

    I tried comparing this with downloading Liana, for which i used the rcodesign utility to implement notarization. There it works fine on both Firefox and Safari:

    https://github.com/user-attachments/assets/304b06bf-20cd-470f-a4e1-22e9cddf2af0

    I also just noticed now that i don't have access to the Mac anymore that in Liana it used to be an x86 binary in the zip, so it might make a difference. Although i think the Wizardsardine team is now also shipping arm binaries.

81. 
    darosior commented at 3:41 PM on February 17, 2025: member

    Another thing worth mentioning is that the Liana GUI would download and start a bitcoind. This means a notarized application can run non-notarized binaries just fine. This may be helpful to know in considering how we approach notarization here (and in a possible multiprocess future).

82. 
    achow101 commented at 7:48 PM on February 17, 2025: member

    It might be worth trying to notarize the binaries (instead of only the GUI bundle). This forum thread suggests it can be done by temporarily zipping them and sending them Apple in that form.

    The binaries can be notarized, but the notarization cannot be stapled, which is why I elected to not notarize them. This means that anyone who runs those binaries will be phoning home to apple, but I guess that will happen regardless of notarization. I believe notarizing the individual binaries will require additional changes to signapple.

    I tried downloading it through Safari and likewise other reviewers i encountered an error:

    That seems like a different error. Also, I believe others were testing the binaries tarball, not the zipped app bundle.

83. 
    Sjors commented at 10:12 AM on February 18, 2025: member

    I was wondering how Homebrew fixes this, well apparently they just ad-hoc sign on your machine: https://github.com/orgs/Homebrew/discussions/4582#discussioncomment-6242807

    Here's a random Rust project that does codesign and notarize, but doesn't staple: https://www.randomerrata.com/articles/2024/notarize/

    Since macOS doesn't know if a binary is notarized, and it doesn't have the staple locally, it seems inevitable that it's going to call home.

    How nice of Apple to say this:

    We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are using on their devices.

    https://support.apple.com/en-qa/102445

    If we tell users to do xattr -d com.apple.quarantine bin/*, it would both ensure the binaries work and has a chance of avoiding the "hi Apple I use Bitcoin" call. But I haven't checked this.

    But where would that instruction go? Adding a README would pollute the /usr/local directory for anyone using a script to download and extract. Saying it on the download page is probably the best option, even if not everyone looks there.

84. 
    achow101 commented at 7:25 PM on February 18, 2025: member

    I've notarized the arm64 binaries, does running the downloaded the binaries still result in an error?

85. guix: Update signapple 710d5b5149
86. achow101 force-pushed on Feb 18, 2025
87. 
    achow101 commented at 11:25 PM on February 18, 2025: member

    Latest push changes detached-sig-create.sh to also notarize the individual binaries. Also updates signapple to latest.

88. achow101 force-pushed on Feb 18, 2025
89. DrahtBot added the label CI failed on Feb 18, 2025
90. 
    DrahtBot commented at 11:50 PM on February 18, 2025: contributor

    <!--85328a0da195eb286784d51f73fa0af9-->

    🚧 At least one of the CI tasks failed. _{Debug: https://github.com/bitcoin/bitcoin/runs/37434670255}

    <details><summary>Hints</summary>

    Try to run the tests locally, according to the documentation. However, a CI failure may still happen due to a number of reasons, for example:

    • Possibly due to a silent merge conflict (the changes in this pull request being incompatible with the current code in the target branch). If so, make sure to rebase on the latest commit of the target branch.

    • A sanitizer issue, which can only be found by compiling with the sanitizer and running the affected test.

    • An intermittent issue.

    Leave a comment here, if you need help tracking down a confusing failure.

    </details>

91. achow101 force-pushed on Feb 19, 2025
92. 
    darosior commented at 1:28 AM on February 19, 2025: member

    I've notarized the arm64 binaries, does running the downloaded the binaries still result in an error?

    Just tried again the arm64 binary on the Mac M1. Downloading from Safari and running works fine now.

93. 
    davidgumberg commented at 3:40 AM on February 19, 2025: contributor

    bitcoin-096525e92cc2-arm64-apple-darwin.zip

    Tested this on a Mac M1. I could download it flawlessly through Firefox and perform most of IBD.

    I tried downloading it through Safari and likewise other reviewers i encountered an error:

    The system language was set to French but i guess what matters here is the error ID: -47.

    I don't know if this had the same cause as what you experienced, but I accidentally reproduced the same error message (in english) and error code -47 when bitcoin core was already running from a copy I downloaded using firefox and then while the firefox copy was running I downloaded and ran it from safari, maybe this is a bug in safari?

    Otherwise, downloading through either browser, I tested launching and letting IBD run for a little bit on an arm64 mac (macOS Sonoma 14.6) and everything appears to work.

    <details>

    <summary>

    Unsigned guix hashes

    </summary>

    $ ./contrib/guix/guix-build &>/dev/null && find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
    

    3148f70f6c9afaa84006df1d6002e902be9aa7490b198f3700fcf07cef00db82  guix-build-992071ef43c5/output/aarch64-linux-gnu/SHA256SUMS.part
    1dd3ccd947fa6fb6b1952abc9fc979f127a502fd3c1ed1a96866dfb043af7232  guix-build-992071ef43c5/output/aarch64-linux-gnu/bitcoin-992071ef43c5-aarch64-linux-gnu-debug.tar.gz
    461e02f95c40346aa90cfeb00bff0cd24b02bd40d06770d2942e8df7c2125d3b  guix-build-992071ef43c5/output/aarch64-linux-gnu/bitcoin-992071ef43c5-aarch64-linux-gnu.tar.gz
    fd0581571da7aad90cf0d1c4ae39685fb388170204ccc116b6791a2b39fa3534  guix-build-992071ef43c5/output/arm-linux-gnueabihf/SHA256SUMS.part
    cad767a59062c5607e7d2e5188ab2603dd0680776e72e930428a44738c4737f0  guix-build-992071ef43c5/output/arm-linux-gnueabihf/bitcoin-992071ef43c5-arm-linux-gnueabihf-debug.tar.gz
    e4aac27299623e3f5327ed69816c62f6aff5ff468d77be72f393c0e7af3508d7  guix-build-992071ef43c5/output/arm-linux-gnueabihf/bitcoin-992071ef43c5-arm-linux-gnueabihf.tar.gz
    22fd9d4c55f2cf49208e9a936e591518ff5dfdd7408191c95ed4cf5f109b2ed6  guix-build-992071ef43c5/output/arm64-apple-darwin/SHA256SUMS.part
    3a302ae3d943fadf0c23b285bca9ecdba9dcbe7c8043a899e9dba369ab1365a6  guix-build-992071ef43c5/output/arm64-apple-darwin/bitcoin-992071ef43c5-arm64-apple-darwin-codesigning.tar.gz
    6dd438f1c68b33a26294cea17fab0cbfd98c0e30d2e406c759a2e7c575eea92f  guix-build-992071ef43c5/output/arm64-apple-darwin/bitcoin-992071ef43c5-arm64-apple-darwin-unsigned.tar.gz
    7f41365e82c4290e441309994ca35942560fe98729e79d56c2edca200d36e3ba  guix-build-992071ef43c5/output/arm64-apple-darwin/bitcoin-992071ef43c5-arm64-apple-darwin-unsigned.zip
    4068c0c78902df70d0d186de146776d38ccc25de6d76eb1171933a810e4a1dd1  guix-build-992071ef43c5/output/dist-archive/bitcoin-992071ef43c5-codesignatures-28.1.tar.gz
    e089b30572c9a2c4d475ce426c4ee11b6994c05e50716997c60208737a525e2a  guix-build-992071ef43c5/output/dist-archive/bitcoin-992071ef43c5-codesignatures-2b686ddcd809.tar.gz
    f9b09c83c071741b61cc27778c0ef2746ede111d8be4c3907ecaba0494769999  guix-build-992071ef43c5/output/dist-archive/bitcoin-992071ef43c5.tar.gz
    49ffdc4ea0de37dce537f20e84e59f20ca94e722fd2af1fb2ac9df814a87c5ff  guix-build-992071ef43c5/output/powerpc64-linux-gnu/SHA256SUMS.part
    f7646a0439820d0d96698c7cac125c19d3e6a3e630bc9a5b882f1d550e132c78  guix-build-992071ef43c5/output/powerpc64-linux-gnu/bitcoin-992071ef43c5-powerpc64-linux-gnu-debug.tar.gz
    7e95684b33dfc26c618a7b92356fa66db4958cefcb878e5511d35c12573a411f  guix-build-992071ef43c5/output/powerpc64-linux-gnu/bitcoin-992071ef43c5-powerpc64-linux-gnu.tar.gz
    4a39070b2945a08e6e80cbe98921f6a4eac2e0cfb9ee6a43e07187b2c077a4f4  guix-build-992071ef43c5/output/riscv64-linux-gnu/SHA256SUMS.part
    2f50d0afe8df4198991967b171c7e89cb7af46d83dd2bf4c94605de606451c75  guix-build-992071ef43c5/output/riscv64-linux-gnu/bitcoin-992071ef43c5-riscv64-linux-gnu-debug.tar.gz
    de294455f36f88500ac37d88706da51e3cb9a44edb71de7fe9283ed68fc9897e  guix-build-992071ef43c5/output/riscv64-linux-gnu/bitcoin-992071ef43c5-riscv64-linux-gnu.tar.gz
    5c4e896948ba93894d468a59de1497bb83438fd934465857a7c73d1171627700  guix-build-992071ef43c5/output/x86_64-apple-darwin/SHA256SUMS.part
    b729d4110b29d21252419feea526956a13b660b2be4b81bf7690a273c8cd1136  guix-build-992071ef43c5/output/x86_64-apple-darwin/bitcoin-992071ef43c5-x86_64-apple-darwin-codesigning.tar.gz
    711ee36ece75a0116b15bf5a2a80da310ed10258c3230f860d59f38e5b016b73  guix-build-992071ef43c5/output/x86_64-apple-darwin/bitcoin-992071ef43c5-x86_64-apple-darwin-unsigned.tar.gz
    0a729da581e3089978d06d5711e9fd67aff709f18f3ea02f9a56991b5a798828  guix-build-992071ef43c5/output/x86_64-apple-darwin/bitcoin-992071ef43c5-x86_64-apple-darwin-unsigned.zip
    871e0133496a9bfef8756c3cb049babb3280079702355663dac1d214db9e31a2  guix-build-992071ef43c5/output/x86_64-linux-gnu/SHA256SUMS.part
    3ecf82eda8a26087b654e06bdef1ad5d7f172b925dc09f9d56b0ceef30f9e73d  guix-build-992071ef43c5/output/x86_64-linux-gnu/bitcoin-992071ef43c5-x86_64-linux-gnu-debug.tar.gz
    f4a76d751c8ba787dafc011be88e2b833c7d773780037652f02771d84409c509  guix-build-992071ef43c5/output/x86_64-linux-gnu/bitcoin-992071ef43c5-x86_64-linux-gnu.tar.gz
    00d97e0f180286163e583b6f94af591b3b8d74a0d9a7c2c9eabf46c4fa281a9e  guix-build-992071ef43c5/output/x86_64-w64-mingw32/SHA256SUMS.part
    0c1db0c4060a06869313aaa50d7ffee776baadd2badb3f1d967125abb7151461  guix-build-992071ef43c5/output/x86_64-w64-mingw32/bitcoin-992071ef43c5-win64-codesigning.tar.gz
    be17bd89304d4686941763a074355c5155f89934766019359f45fd5b07225a88  guix-build-992071ef43c5/output/x86_64-w64-mingw32/bitcoin-992071ef43c5-win64-debug.zip
    caa4d37ffd59d6f6b6ee3914278e6e26c6ac55837ba05e3cc26412e236f7d67f  guix-build-992071ef43c5/output/x86_64-w64-mingw32/bitcoin-992071ef43c5-win64-setup-unsigned.exe
    ad39dd1743fe9c5b1d1c35dfa9d0a8c1ad1a6ace5f701f9fb3b5465bff9a544b  guix-build-992071ef43c5/output/x86_64-w64-mingw32/bitcoin-992071ef43c5-win64-unsigned.zip
    

94. 
    Sjors commented at 4:36 PM on February 19, 2025: member

    I've notarized the arm64 binaries, does running the downloaded the binaries still result in an error?

    I'll try again on the new push, since my system might remember what I did to the previous binaries.

    Do you want to push a linter fix, or should I just try the current version? I'll need new sigs from @pinheadmz anyway.

    ---

    Compared to your last version, it's now also doing ${SIGNAPPLE} apply, I guess the codesigner did that manually the last time?

    https://github.com/bitcoin/bitcoin/compare/096525e..992071ef43c5a7cbb4992f8273350f6142ceb4ce

95. contrib: Sign and notarize all MacOS binaries

    Signapple has been updated to sign individual binaries, and notarize app
    bundles and binaries. When codesigning, all individual binaries will be
    codesigned, and both the app bundle and individual binaries will be
    notarized.

    31d325464d
96. contrib: Sign all Windows binaries too 3656b828dc
97. guix: Apply codesignatures to all MacOS binaries aafbd23fd9
98. guix: Apply all codesignatures to Windows binaries e181bda061
99. achow101 force-pushed on Feb 19, 2025
100. 
     achow101 commented at 4:42 PM on February 19, 2025: member

     Do you want to push a linter fix

     Just pushed.

101. 
     pinheadmz commented at 4:44 PM on February 19, 2025: member

     I'll need new sigs from @pinheadmz anyway.

     building e181bda stay tuned for sigs

102. 
     pinheadmz commented at 7:03 PM on February 19, 2025: member

     I'm having an issue codesigning:

     
     --> ./detached-sig-create.sh <...>p12 <...>p8 <...UUID...>
     
     WARNING: Part of the file was not parsed: 37428 bytes
     Enter the passphrase for /Volumes/safe2/bitcoin-core-csk/Archive/cert@bitcoincorecodesigning.org.p12:
     Enter the passphrase for /Volumes/safe2/bitcoin-core-csk/app_store_connect_api_key/AuthKey_5ZTN3N6A87.p8:
     WARNING: Part of the file was not parsed: 37428 bytes
     Code signature created
     WARNING: Part of the file was not parsed: 37428 bytes
     WARNING: Part of the file was not parsed: 37428 bytes
     Code signature applied
     WARNING: Part of the file was not parsed: 37428 bytes
     Code signature is valid
     Notarization ID: fb852fa0-fcc6-405b-8080-56ab24f473f3
     Uploading...
     Polling notarization status
     Polling notarization status
     Polling notarization status
     Polling notarization status
     Polling notarization status
     WARNING: Part of the file was not parsed: 37428 bytes
     Stapling
     Notarization stapled to bundle
     WARNING: Part of the file was not parsed: 16518 bytes
     WARNING: Part of the file was not parsed: 16518 bytes
     Code signature created
     WARNING: Part of the file was not parsed: 16518 bytes
     WARNING: Part of the file was not parsed: 16518 bytes
     Code signature applied
     WARNING: Part of the file was not parsed: 16518 bytes
     WARNING: Part of the file was not parsed: 16518 bytes
     Code signature is valid
     WARNING: Part of the file was not parsed: 11068 bytes
     WARNING: Part of the file was not parsed: 11068 bytes
     Code signature created
     WARNING: Part of the file was not parsed: 11068 bytes
     WARNING: Part of the file was not parsed: 11068 bytes
     Code signature applied
     WARNING: Part of the file was not parsed: 11068 bytes
     WARNING: Part of the file was not parsed: 11068 bytes
     Code signature is valid
     WARNING: Part of the file was not parsed: 5345 bytes
     WARNING: Part of the file was not parsed: 5345 bytes
     Code signature created
     WARNING: Part of the file was not parsed: 5345 bytes
     WARNING: Part of the file was not parsed: 5345 bytes
     Code signature applied
     WARNING: Part of the file was not parsed: 5345 bytes
     WARNING: Part of the file was not parsed: 5345 bytes
     Code signature is valid
     WARNING: Part of the file was not parsed: 4332 bytes
     WARNING: Part of the file was not parsed: 4332 bytes
     Code signature created
     WARNING: Part of the file was not parsed: 4332 bytes
     WARNING: Part of the file was not parsed: 4332 bytes
     Code signature applied
     WARNING: Part of the file was not parsed: 4332 bytes
     WARNING: Part of the file was not parsed: 4332 bytes
     Code signature is valid
     WARNING: Part of the file was not parsed: 37428 bytes
     WARNING: Part of the file was not parsed: 37428 bytes
     Code signature created
     WARNING: Part of the file was not parsed: 37428 bytes
     WARNING: Part of the file was not parsed: 37428 bytes
     Code signature applied
     WARNING: Part of the file was not parsed: 37428 bytes
     WARNING: Part of the file was not parsed: 37428 bytes
     Code signature is valid
     WARNING: Part of the file was not parsed: 17659 bytes
     WARNING: Part of the file was not parsed: 17659 bytes
     Code signature created
     WARNING: Part of the file was not parsed: 17659 bytes
     WARNING: Part of the file was not parsed: 17659 bytes
     Code signature applied
     WARNING: Part of the file was not parsed: 17659 bytes
     WARNING: Part of the file was not parsed: 17659 bytes
     Code signature is valid
     WARNING: Part of the file was not parsed: 6475 bytes
     WARNING: Part of the file was not parsed: 6475 bytes
     Code signature created
     WARNING: Part of the file was not parsed: 6475 bytes
     WARNING: Part of the file was not parsed: 6475 bytes
     Code signature applied
     WARNING: Part of the file was not parsed: 6475 bytes
     WARNING: Part of the file was not parsed: 6475 bytes
     Code signature is valid
     Traceback (most recent call last):
       File "/opt/homebrew/bin/signapple", line 8, in <module>
         sys.exit(main())
                  ^^^^^^
       File "/Users/matthewzipkin/Desktop/work/signapple/signapple/__init__.py", line 192, in main
         args.func(args)
       File "/Users/matthewzipkin/Desktop/work/signapple/signapple/__init__.py", line 52, in do_notarize
         notarize(
       File "/Users/matthewzipkin/Desktop/work/signapple/signapple/notarize.py", line 344, in notarize
         _submit_for_notarization(
       File "/Users/matthewzipkin/Desktop/work/signapple/signapple/notarize.py", line 291, in _submit_for_notarization
         zipped = shutil.make_archive(
                  ^^^^^^^^^^^^^^^^^^^^
       File "/opt/homebrew/Cellar/python@3.11/3.11.11/Frameworks/Python.framework/Versions/3.11/lib/python3.11/shutil.py", line 1148, in make_archive
         stmd = os.stat(root_dir).st_mode
                ^^^^^^^^^^^^^^^^^
     FileNotFoundError: [Errno 2] No such file or directory: ''
     
     

103. DrahtBot removed the label CI failed on Feb 19, 2025
104. 
     achow101 commented at 8:38 PM on February 19, 2025: member

     I'm having an issue codesigning:

     Fixed in https://github.com/achow101/signapple/commit/0c087854fd2822ab63512cbfa3b55706239b27c2. Note that this only affects code signers so I will hold off on updating signapple in guix for now.

105. 
     pinheadmz commented at 8:59 PM on February 19, 2025: member

     Updated detached codesigs:

     https://github.com/pinheadmz/bitcoin-detached-sigs/tree/achow101-macos-notarization-e181bda

     all.SHA256SUMS

     
     09160970e038df29d6c2ae3da69adf77ac496f65e114e3bbb56272465b9c230a  bitcoin-e181bda061ca-aarch64-linux-gnu-debug.tar.gz
     f94c5f7734858dfc77717849934112cceef44a80b06fb1c21f41a78733092c6a  bitcoin-e181bda061ca-aarch64-linux-gnu.tar.gz
     44dcd5864d1c529c431f5e80966d4efe74a14330182460ac945852bc67ad7e84  bitcoin-e181bda061ca-arm-linux-gnueabihf-debug.tar.gz
     cff965267e9a25f8df0d36f04294be555d572dd7336bf5019c47a28f605cc489  bitcoin-e181bda061ca-arm-linux-gnueabihf.tar.gz
     3bec23389e5343dadc16ab3ed2bff897519a335ed970f8288521aa7ee7bdf4be  bitcoin-e181bda061ca-arm64-apple-darwin.tar.gz
     7f0b7259dc451610040e4fb5f1ef8947770a8fed363c64e00b06870bb5c94607  bitcoin-e181bda061ca-arm64-apple-darwin.zip
     00d4136e008ed4e93432d6aa353b1069ec1462b641fcdfd5199345113b8a49d2  bitcoin-e181bda061ca-arm64-apple-darwin-codesigning.tar.gz
     36ec89ca44cfbb912081a50e3b1604df14ac624b30950f006917c546359fd3bc  bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.tar.gz
     8d80e0e513d0c5f5a2230606165de6fd283d55d9ee4cb0eece201012e88e11e1  bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.zip
     ce0666f1527e5cf0f78b6dcddecc0ca9243cff8ff7086ce36d2530c085e7bb19  bitcoin-e181bda061ca-codesignatures-affdd2113f54.tar.gz
     703b6258d896bfef505bcc02d5320b1732f3c391775772d2e6f7efc5544d9ab1  bitcoin-e181bda061ca.tar.gz
     19cae39114674afdde3884fc494b654c3c233a39756a993909391b6dc985fcd6  bitcoin-e181bda061ca-powerpc64-linux-gnu-debug.tar.gz
     9c92cb2220d4431d86b63e5ab9c7d3dee64d9690c2ade7ccca396f1a1e48bb16  bitcoin-e181bda061ca-powerpc64-linux-gnu.tar.gz
     a529f947b177769e5e799aaca47cdd70fbb1063d5d0f932b31bc4405647e108f  bitcoin-e181bda061ca-riscv64-linux-gnu-debug.tar.gz
     afc182cc6cfac92e83b83f173aef4ab90e48551bc3bce101959a9d9a2f49c216  bitcoin-e181bda061ca-riscv64-linux-gnu.tar.gz
     c6f7cc3e70bb02ea7103efde9875e450fae51bd6dea0736a1cdedc7a8c9fb6bc  bitcoin-e181bda061ca-x86_64-apple-darwin.tar.gz
     6c787dc8e40e9912065dea790a8fa2499555d5fb66d6b19afdf95422891e4894  bitcoin-e181bda061ca-x86_64-apple-darwin.zip
     c6cfcb6ebba64842ca280af3ccc74ad971cb3092ffcc2f18151a36f0a1a17fd4  bitcoin-e181bda061ca-x86_64-apple-darwin-codesigning.tar.gz
     fcd053b24cc47258ea408f26188a3056086e10b1ed83b9c3f3bdc87d83626493  bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.tar.gz
     e218ad851f8ab73b7461fff21de30a7b726793c92e1d424853fc1e542e177d0c  bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.zip
     85e59bae13a52da47ecfd84d1f68578167ebef3b1f01195ad2ab3bd95cbc4c79  bitcoin-e181bda061ca-x86_64-linux-gnu-debug.tar.gz
     98a1a05649608451e1ecd6624bc8a29bfde0b807814297c6ed081c3fcdf1d008  bitcoin-e181bda061ca-x86_64-linux-gnu.tar.gz
     ef919b73e8d1658af4f36b66932205946826e8f28fc653d9315ea7bc297023c0  bitcoin-e181bda061ca-win64-setup.exe
     69ad6eaa66fb8154bcdf259c0944bb2bcbc55626e22388fbbf74e7898adf30b8  bitcoin-e181bda061ca-win64.zip
     c7174f6180ecffc72ca92e2832e810c0ba6e01b0e0d93d12e87648489c40d2f7  bitcoin-e181bda061ca-win64-codesigning.tar.gz
     dbef2b4fce7fccba81e26843408a6891e8dbe0065d18e73a0c0aa02caf9ad8b7  bitcoin-e181bda061ca-win64-debug.zip
     40002ea190fbbb1df2808aa30c21004e7291a088cde9a743c1dce396d2671a3b  bitcoin-e181bda061ca-win64-setup-unsigned.exe
     9a5a9d4b1379b2ef0909e5bec0359ce90f495d9f3208a22cac9ac6d595da3edc  bitcoin-e181bda061ca-win64-unsigned.zip
     

106. 
     pinheadmz commented at 9:08 PM on February 19, 2025: member

     Reviewers can also try downloading these signed binaries to see what their browsers think ... ?

     https://www.dropbox.com/scl/fo/zpz3gjtzz66gtejnqkrfs/AIWbAU_Y3pY_O93cy9Q6vds?rlkey=oucgyfg4sm5p9pa2c0gum2kxa&st=8t07hrcz&dl=0

     edit: never mind

107. 
     davidgumberg commented at 9:25 PM on February 19, 2025: contributor

     unsigned

     bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.zip bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.zip

     codesigned

     bitcoin-e181bda061ca-arm64-apple-darwin.zip bitcoin-e181bda061ca-x86_64-apple-darwin.zip

     <details>

     <summary>

     all.SHA256SUMS

     </summary>

     09160970e038df29d6c2ae3da69adf77ac496f65e114e3bbb56272465b9c230a  bitcoin-e181bda061ca-aarch64-linux-gnu-debug.tar.gz
     f94c5f7734858dfc77717849934112cceef44a80b06fb1c21f41a78733092c6a  bitcoin-e181bda061ca-aarch64-linux-gnu.tar.gz
     44dcd5864d1c529c431f5e80966d4efe74a14330182460ac945852bc67ad7e84  bitcoin-e181bda061ca-arm-linux-gnueabihf-debug.tar.gz
     cff965267e9a25f8df0d36f04294be555d572dd7336bf5019c47a28f605cc489  bitcoin-e181bda061ca-arm-linux-gnueabihf.tar.gz
     3bec23389e5343dadc16ab3ed2bff897519a335ed970f8288521aa7ee7bdf4be  bitcoin-e181bda061ca-arm64-apple-darwin.tar.gz
     7f0b7259dc451610040e4fb5f1ef8947770a8fed363c64e00b06870bb5c94607  bitcoin-e181bda061ca-arm64-apple-darwin.zip
     00d4136e008ed4e93432d6aa353b1069ec1462b641fcdfd5199345113b8a49d2  bitcoin-e181bda061ca-arm64-apple-darwin-codesigning.tar.gz
     36ec89ca44cfbb912081a50e3b1604df14ac624b30950f006917c546359fd3bc  bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.tar.gz
     8d80e0e513d0c5f5a2230606165de6fd283d55d9ee4cb0eece201012e88e11e1  bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.zip
     ce0666f1527e5cf0f78b6dcddecc0ca9243cff8ff7086ce36d2530c085e7bb19  bitcoin-e181bda061ca-codesignatures-affdd2113f54.tar.gz
     703b6258d896bfef505bcc02d5320b1732f3c391775772d2e6f7efc5544d9ab1  bitcoin-e181bda061ca.tar.gz
     19cae39114674afdde3884fc494b654c3c233a39756a993909391b6dc985fcd6  bitcoin-e181bda061ca-powerpc64-linux-gnu-debug.tar.gz
     9c92cb2220d4431d86b63e5ab9c7d3dee64d9690c2ade7ccca396f1a1e48bb16  bitcoin-e181bda061ca-powerpc64-linux-gnu.tar.gz
     a529f947b177769e5e799aaca47cdd70fbb1063d5d0f932b31bc4405647e108f  bitcoin-e181bda061ca-riscv64-linux-gnu-debug.tar.gz
     afc182cc6cfac92e83b83f173aef4ab90e48551bc3bce101959a9d9a2f49c216  bitcoin-e181bda061ca-riscv64-linux-gnu.tar.gz
     c6f7cc3e70bb02ea7103efde9875e450fae51bd6dea0736a1cdedc7a8c9fb6bc  bitcoin-e181bda061ca-x86_64-apple-darwin.tar.gz
     6c787dc8e40e9912065dea790a8fa2499555d5fb66d6b19afdf95422891e4894  bitcoin-e181bda061ca-x86_64-apple-darwin.zip
     c6cfcb6ebba64842ca280af3ccc74ad971cb3092ffcc2f18151a36f0a1a17fd4  bitcoin-e181bda061ca-x86_64-apple-darwin-codesigning.tar.gz
     fcd053b24cc47258ea408f26188a3056086e10b1ed83b9c3f3bdc87d83626493  bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.tar.gz
     e218ad851f8ab73b7461fff21de30a7b726793c92e1d424853fc1e542e177d0c  bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.zip
     85e59bae13a52da47ecfd84d1f68578167ebef3b1f01195ad2ab3bd95cbc4c79  bitcoin-e181bda061ca-x86_64-linux-gnu-debug.tar.gz
     98a1a05649608451e1ecd6624bc8a29bfde0b807814297c6ed081c3fcdf1d008  bitcoin-e181bda061ca-x86_64-linux-gnu.tar.gz
     ef919b73e8d1658af4f36b66932205946826e8f28fc653d9315ea7bc297023c0  bitcoin-e181bda061ca-win64-setup.exe
     69ad6eaa66fb8154bcdf259c0944bb2bcbc55626e22388fbbf74e7898adf30b8  bitcoin-e181bda061ca-win64.zip
     c7174f6180ecffc72ca92e2832e810c0ba6e01b0e0d93d12e87648489c40d2f7  bitcoin-e181bda061ca-win64-codesigning.tar.gz
     dbef2b4fce7fccba81e26843408a6891e8dbe0065d18e73a0c0aa02caf9ad8b7  bitcoin-e181bda061ca-win64-debug.zip
     40002ea190fbbb1df2808aa30c21004e7291a088cde9a743c1dce396d2671a3b  bitcoin-e181bda061ca-win64-setup-unsigned.exe
     9a5a9d4b1379b2ef0909e5bec0359ce90f495d9f3208a22cac9ac6d595da3edc  bitcoin-e181bda061ca-win64-unsigned.zip
     

     </details>

     <details>

     <summary>

     noncodesigned.SHA256SUMS

     </summary>

     09160970e038df29d6c2ae3da69adf77ac496f65e114e3bbb56272465b9c230a  bitcoin-e181bda061ca-aarch64-linux-gnu-debug.tar.gz
     f94c5f7734858dfc77717849934112cceef44a80b06fb1c21f41a78733092c6a  bitcoin-e181bda061ca-aarch64-linux-gnu.tar.gz
     44dcd5864d1c529c431f5e80966d4efe74a14330182460ac945852bc67ad7e84  bitcoin-e181bda061ca-arm-linux-gnueabihf-debug.tar.gz
     cff965267e9a25f8df0d36f04294be555d572dd7336bf5019c47a28f605cc489  bitcoin-e181bda061ca-arm-linux-gnueabihf.tar.gz
     00d4136e008ed4e93432d6aa353b1069ec1462b641fcdfd5199345113b8a49d2  bitcoin-e181bda061ca-arm64-apple-darwin-codesigning.tar.gz
     36ec89ca44cfbb912081a50e3b1604df14ac624b30950f006917c546359fd3bc  bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.tar.gz
     8d80e0e513d0c5f5a2230606165de6fd283d55d9ee4cb0eece201012e88e11e1  bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.zip
     703b6258d896bfef505bcc02d5320b1732f3c391775772d2e6f7efc5544d9ab1  bitcoin-e181bda061ca.tar.gz
     19cae39114674afdde3884fc494b654c3c233a39756a993909391b6dc985fcd6  bitcoin-e181bda061ca-powerpc64-linux-gnu-debug.tar.gz
     9c92cb2220d4431d86b63e5ab9c7d3dee64d9690c2ade7ccca396f1a1e48bb16  bitcoin-e181bda061ca-powerpc64-linux-gnu.tar.gz
     a529f947b177769e5e799aaca47cdd70fbb1063d5d0f932b31bc4405647e108f  bitcoin-e181bda061ca-riscv64-linux-gnu-debug.tar.gz
     afc182cc6cfac92e83b83f173aef4ab90e48551bc3bce101959a9d9a2f49c216  bitcoin-e181bda061ca-riscv64-linux-gnu.tar.gz
     c6cfcb6ebba64842ca280af3ccc74ad971cb3092ffcc2f18151a36f0a1a17fd4  bitcoin-e181bda061ca-x86_64-apple-darwin-codesigning.tar.gz
     fcd053b24cc47258ea408f26188a3056086e10b1ed83b9c3f3bdc87d83626493  bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.tar.gz
     e218ad851f8ab73b7461fff21de30a7b726793c92e1d424853fc1e542e177d0c  bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.zip
     85e59bae13a52da47ecfd84d1f68578167ebef3b1f01195ad2ab3bd95cbc4c79  bitcoin-e181bda061ca-x86_64-linux-gnu-debug.tar.gz
     98a1a05649608451e1ecd6624bc8a29bfde0b807814297c6ed081c3fcdf1d008  bitcoin-e181bda061ca-x86_64-linux-gnu.tar.gz
     c7174f6180ecffc72ca92e2832e810c0ba6e01b0e0d93d12e87648489c40d2f7  bitcoin-e181bda061ca-win64-codesigning.tar.gz
     dbef2b4fce7fccba81e26843408a6891e8dbe0065d18e73a0c0aa02caf9ad8b7  bitcoin-e181bda061ca-win64-debug.zip
     40002ea190fbbb1df2808aa30c21004e7291a088cde9a743c1dce396d2671a3b  bitcoin-e181bda061ca-win64-setup-unsigned.exe
     9a5a9d4b1379b2ef0909e5bec0359ce90f495d9f3208a22cac9ac6d595da3edc  bitcoin-e181bda061ca-win64-unsigned.zip
     

108. 
     achow101 commented at 9:55 PM on February 19, 2025: member

     d043dbd79662ee324ab809061405c71ecb4dbd9c1100ea7fcfc72bfb8e775a20  guix-build-e181bda061ca/output/aarch64-linux-gnu/SHA256SUMS.part
     09160970e038df29d6c2ae3da69adf77ac496f65e114e3bbb56272465b9c230a  guix-build-e181bda061ca/output/aarch64-linux-gnu/bitcoin-e181bda061ca-aarch64-linux-gnu-debug.tar.gz
     f94c5f7734858dfc77717849934112cceef44a80b06fb1c21f41a78733092c6a  guix-build-e181bda061ca/output/aarch64-linux-gnu/bitcoin-e181bda061ca-aarch64-linux-gnu.tar.gz
     a28ae11a5585624e18c9c85f5c4a0fb095956296817ae93a6292ec86d094e6f3  guix-build-e181bda061ca/output/arm-linux-gnueabihf/SHA256SUMS.part
     44dcd5864d1c529c431f5e80966d4efe74a14330182460ac945852bc67ad7e84  guix-build-e181bda061ca/output/arm-linux-gnueabihf/bitcoin-e181bda061ca-arm-linux-gnueabihf-debug.tar.gz
     cff965267e9a25f8df0d36f04294be555d572dd7336bf5019c47a28f605cc489  guix-build-e181bda061ca/output/arm-linux-gnueabihf/bitcoin-e181bda061ca-arm-linux-gnueabihf.tar.gz
     2bc98ea18648c64ddfbc4136e421e561090c49c2f497cec71ae2fcdd91a36269  guix-build-e181bda061ca/output/arm64-apple-darwin-codesigned/SHA256SUMS.part
     3bec23389e5343dadc16ab3ed2bff897519a335ed970f8288521aa7ee7bdf4be  guix-build-e181bda061ca/output/arm64-apple-darwin-codesigned/bitcoin-e181bda061ca-arm64-apple-darwin.tar.gz
     7f0b7259dc451610040e4fb5f1ef8947770a8fed363c64e00b06870bb5c94607  guix-build-e181bda061ca/output/arm64-apple-darwin-codesigned/bitcoin-e181bda061ca-arm64-apple-darwin.zip
     53b1abee1897bfd31f8244fd63fe86cad7ba49aafe01b2d8ba05f1fa9ca7ea49  guix-build-e181bda061ca/output/arm64-apple-darwin/SHA256SUMS.part
     00d4136e008ed4e93432d6aa353b1069ec1462b641fcdfd5199345113b8a49d2  guix-build-e181bda061ca/output/arm64-apple-darwin/bitcoin-e181bda061ca-arm64-apple-darwin-codesigning.tar.gz
     36ec89ca44cfbb912081a50e3b1604df14ac624b30950f006917c546359fd3bc  guix-build-e181bda061ca/output/arm64-apple-darwin/bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.tar.gz
     8d80e0e513d0c5f5a2230606165de6fd283d55d9ee4cb0eece201012e88e11e1  guix-build-e181bda061ca/output/arm64-apple-darwin/bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.zip
     ce0666f1527e5cf0f78b6dcddecc0ca9243cff8ff7086ce36d2530c085e7bb19  guix-build-e181bda061ca/output/dist-archive/bitcoin-e181bda061ca-codesignatures-affdd2113f54.tar.gz
     703b6258d896bfef505bcc02d5320b1732f3c391775772d2e6f7efc5544d9ab1  guix-build-e181bda061ca/output/dist-archive/bitcoin-e181bda061ca.tar.gz
     32e34ff5601083f706a1638bd140395446c5613a65383a2b3a275e1c9d7236f1  guix-build-e181bda061ca/output/powerpc64-linux-gnu/SHA256SUMS.part
     19cae39114674afdde3884fc494b654c3c233a39756a993909391b6dc985fcd6  guix-build-e181bda061ca/output/powerpc64-linux-gnu/bitcoin-e181bda061ca-powerpc64-linux-gnu-debug.tar.gz
     9c92cb2220d4431d86b63e5ab9c7d3dee64d9690c2ade7ccca396f1a1e48bb16  guix-build-e181bda061ca/output/powerpc64-linux-gnu/bitcoin-e181bda061ca-powerpc64-linux-gnu.tar.gz
     5a472ba05a65577eb9849b6b478976aa206646e69c67fccb3687e80416596352  guix-build-e181bda061ca/output/riscv64-linux-gnu/SHA256SUMS.part
     a529f947b177769e5e799aaca47cdd70fbb1063d5d0f932b31bc4405647e108f  guix-build-e181bda061ca/output/riscv64-linux-gnu/bitcoin-e181bda061ca-riscv64-linux-gnu-debug.tar.gz
     afc182cc6cfac92e83b83f173aef4ab90e48551bc3bce101959a9d9a2f49c216  guix-build-e181bda061ca/output/riscv64-linux-gnu/bitcoin-e181bda061ca-riscv64-linux-gnu.tar.gz
     d29c36dfcefc7eb08963f0fb4a3126f69d6fe6673f2bc1dc3e338c0300381fe9  guix-build-e181bda061ca/output/x86_64-apple-darwin-codesigned/SHA256SUMS.part
     c6f7cc3e70bb02ea7103efde9875e450fae51bd6dea0736a1cdedc7a8c9fb6bc  guix-build-e181bda061ca/output/x86_64-apple-darwin-codesigned/bitcoin-e181bda061ca-x86_64-apple-darwin.tar.gz
     6c787dc8e40e9912065dea790a8fa2499555d5fb66d6b19afdf95422891e4894  guix-build-e181bda061ca/output/x86_64-apple-darwin-codesigned/bitcoin-e181bda061ca-x86_64-apple-darwin.zip
     3bc3e3bd4f71ccec939b0bf3e898bfd2b9324a1fe267d6d37e5d4ceb5cbb7f05  guix-build-e181bda061ca/output/x86_64-apple-darwin/SHA256SUMS.part
     c6cfcb6ebba64842ca280af3ccc74ad971cb3092ffcc2f18151a36f0a1a17fd4  guix-build-e181bda061ca/output/x86_64-apple-darwin/bitcoin-e181bda061ca-x86_64-apple-darwin-codesigning.tar.gz
     fcd053b24cc47258ea408f26188a3056086e10b1ed83b9c3f3bdc87d83626493  guix-build-e181bda061ca/output/x86_64-apple-darwin/bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.tar.gz
     e218ad851f8ab73b7461fff21de30a7b726793c92e1d424853fc1e542e177d0c  guix-build-e181bda061ca/output/x86_64-apple-darwin/bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.zip
     327038413e7325f9d82687ebe063f4a5ce4dfce3cf95af071b376d96a261a6b5  guix-build-e181bda061ca/output/x86_64-linux-gnu/SHA256SUMS.part
     85e59bae13a52da47ecfd84d1f68578167ebef3b1f01195ad2ab3bd95cbc4c79  guix-build-e181bda061ca/output/x86_64-linux-gnu/bitcoin-e181bda061ca-x86_64-linux-gnu-debug.tar.gz
     98a1a05649608451e1ecd6624bc8a29bfde0b807814297c6ed081c3fcdf1d008  guix-build-e181bda061ca/output/x86_64-linux-gnu/bitcoin-e181bda061ca-x86_64-linux-gnu.tar.gz
     70828d3fcfc3fd36ae088d9b016ebdc5a344910c9c74db874e4f6e9934277eeb  guix-build-e181bda061ca/output/x86_64-w64-mingw32-codesigned/SHA256SUMS.part
     ef919b73e8d1658af4f36b66932205946826e8f28fc653d9315ea7bc297023c0  guix-build-e181bda061ca/output/x86_64-w64-mingw32-codesigned/bitcoin-e181bda061ca-win64-setup.exe
     69ad6eaa66fb8154bcdf259c0944bb2bcbc55626e22388fbbf74e7898adf30b8  guix-build-e181bda061ca/output/x86_64-w64-mingw32-codesigned/bitcoin-e181bda061ca-win64.zip
     5b3a716a791387cce1178757b6541a19871aed744e1246ed332857ba3d00dd3f  guix-build-e181bda061ca/output/x86_64-w64-mingw32/SHA256SUMS.part
     c7174f6180ecffc72ca92e2832e810c0ba6e01b0e0d93d12e87648489c40d2f7  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-codesigning.tar.gz
     dbef2b4fce7fccba81e26843408a6891e8dbe0065d18e73a0c0aa02caf9ad8b7  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-debug.zip
     40002ea190fbbb1df2808aa30c21004e7291a088cde9a743c1dce396d2671a3b  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-setup-unsigned.exe
     9a5a9d4b1379b2ef0909e5bec0359ce90f495d9f3208a22cac9ac6d595da3edc  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-unsigned.zip
     

109. 
     Sjors commented at 9:07 AM on February 20, 2025: member

     I only guix-built the macOS hosts, and those hashes match @achow101.

     When downloading with Safari:

     • the zip (GUI) archives work on both my ARM and Intel macs
     • for the tar.gz archive both M4 and Intel macs still refused to start bitcoind from Finder
       • x86 (sha256: c6f7cc3e70bb02ea7103efde9875e450fae51bd6dea0736a1cdedc7a8c9fb6bc)
       • arm (sha256: 3bec23389e5343dadc16ab3ed2bff897519a335ed970f8288521aa7ee7bdf4be)
     • when I run these binaries from the command line they work! 🎉

     So the following workflow works, and is probably what most people do: download with Safari, which automatically extracts the gz layer. Then double-click to extract the Tar in Finder. And then start bitcoind from the terminal.

     The only confusing bit is that you can't start bitcoind from finder, which isn't super useful anyway. Except for bitcoin-qt where this is annoying, however most GUI users will presumably download the zip archive.

     Using xattr -dr com.apple.quarantine bitcoin-e181bda061ca/bin/bitcoin-qt frees up the binary so that you can run it from Finder as well. So it seems the binaries still get some level of quarantine, but at least they work from the terminal which is the most important.

110. 
     Sjors commented at 9:37 AM on February 20, 2025: member

     @achow101 for 096525e92cc2f5a4318bae13cedd2cf36b928d5f did you only notarize the arm binaries and not x86? As a sanity check I tried that archive again, to see what happens I start binaries from the terminal. bitcoind works and the others refuse. Once I right-click open the other binaries, they start working. Since I right-click opened that version of bitcoind yesterday, that makes sense, and implies the notarization indeed helps.

     One more thing worth trying might be to notarize the tar.gz archive. However it seems Finder launches things in a different way than the Terminal, and it might Just Not Work (tm): https://stackoverflow.com/a/75161940

     An earlier Apple Forum thread also suggests that the way to notarize these binaries is to put the contents of the tar.gz archive into a zip and then upload: https://developer.apple.com/forums/thread/651759

111. 
     achow101 commented at 3:52 PM on February 20, 2025: member

     for 096525e did you only notarize the arm binaries and not x86?

     Yes

     One more thing worth trying might be to notarize the tar.gz archive.

     Only binaries are notarized, not archives.

     An earlier Apple Forum thread also suggests that the way to notarize these binaries is to put the contents of the tar.gz archive into a zip and then upload

     That's what we're doing.

112. 
     pinheadmz commented at 4:17 PM on February 20, 2025: member

     Can confirm behavior described by @Sjors. Seems like apple is confusing itself?

     <img src="https://github.com/user-attachments/assets/1774cca4-92e1-4c08-a8cc-34fe195c2cc0" width="300">

     but binary is signed:

     --> codesign -vd --verbose=4 /Users/matthewzipkin/Desktop/bitcoin-e181bda061ca/bin/bitcoind 
     Executable=/Users/matthewzipkin/Desktop/bitcoin-e181bda061ca/bin/bitcoind
     Identifier=bitcoind
     Format=Mach-O thin (arm64)
     CodeDirectory v=20500 size=23284 flags=0x10000(runtime) hashes=722+2 location=embedded
     VersionPlatform=1
     VersionMin=851968
     VersionSDK=917504
     Hash type=sha256 size=32
     CandidateCDHash sha256=b1d062a9bd9e4288b54b91045d0d3900b8186af3
     CandidateCDHashFull sha256=b1d062a9bd9e4288b54b91045d0d3900b8186af307a5b41749d47d20d970b603
     Hash choices=sha256
     CMSDigest=b1d062a9bd9e4288b54b91045d0d3900b8186af307a5b41749d47d20d970b603
     CMSDigestType=2
     Page size=16384
     CDHash=b1d062a9bd9e4288b54b91045d0d3900b8186af3
     Signature size=9008
     Authority=Developer ID Application: Bitcoin Core Code Signing Association (YZC7WH3MRU)
     Authority=Developer ID Certification Authority
     Authority=Apple Root CA
     Timestamp=Feb 19, 2025 at 3:35:41 PM
     Info.plist=not bound
     TeamIdentifier=YZC7WH3MRU
     Runtime Version=14.0.0
     Sealed Resources=none
     Internal requirements count=1 size=104
     

     and running the binary from command line is fine:

     --> /Users/matthewzipkin/Desktop/bitcoin-e181bda061ca/bin/bitcoind 
     2025-02-20T16:14:29Z Bitcoin Core version v28.99.0-ge181bda061ca63021511be6e286fdf6a5818df49 (release build)
     2025-02-20T16:14:29Z Script verification uses 7 additional threads
     ...
     

113. 
     achow101 commented at 4:45 PM on February 20, 2025: member

     According to https://developer.apple.com/forums/thread/706379, starting a command line tool from Finder just doesn't work in general.

114. 
     pinheadmz commented at 4:55 PM on February 20, 2025: member

     Hm! It does work if I build and codesign remotely then download with SFTP.

     

115. 
     Sjors commented at 8:19 AM on February 21, 2025: member

     @pinheadmz you can even run ad-hoc signed binaries when you scp them.

116. 
     Sjors commented at 8:33 AM on February 21, 2025: member

     An earlier Apple Forum thread also suggests that the way to notarize these binaries is to put the contents of the tar.gz archive into a zip and then upload

     That's what we're doing.

     Maybe I'm misreading the find incantation here:

     # Notarize the binaries
     # Binaries cannot have stapled notarizations so this does not actually generate any output
     binaries_dir=$(dirname "$(find . -maxdepth 2 -wholename '*/bin' -type d -exec realpath --relative-to=. {} \;)")
     ${SIGNAPPLE} notarize --passphrase "${api_key_pass}" "$2" "$3" "${binaries_dir}"
     

     But it seems that this only picks the binaries. But if I understand the Apple priests correctly, you have to send the whole package.

     However I agree that if this works it would contradict this:

     According to https://developer.apple.com/forums/thread/706379, starting a command line tool from Finder just doesn't work in general.

     Unless they recently fixed bug 58097824 (or do so in the future; it's only been open for 5 years). But the step may be unnecessary in any case. Apple's description of the issue suggest it's really about individual binaries, not the archive.

     Tool Blocked by Gatekeeper If your product includes a command-line tool, you might notice this behaviour: When you double click the tool in Finder, it’s blocked by Gatekeeper. When you run the tool from within Terminal, it works.

     This is a known bug in macOS (r. 58097824). The issue is that, when you double click a tool in the Finder, it doesn’t run Gatekeeper’s standard execution logic. Rather, the Finder passes the tool to Terminal as a document and that opens a window (and associated shell) in which to run that document. This triggers Gatekeeper’s document logic, and that logic always blocks the tool.

     There are two ways around this:

     Embed your tool in an application. If the user runs the application first, Gatekeeper runs its normal application check. If the user allows the app to run, Gatekeeper records that decision and applies it to the app and any code within the app, including your tool.

     This might explain what @darosior experienced when bundling bitcoind inside Liana: #31407 (comment)

     And it's potentially good news for a multiprocess future where the GUI might be launching a node process.

     Install your tool using an installer package. When the user goes to install the package, Gatekeeper checks it. Assuming that check passes, Gatekeeper does no further checks on the content it installed.

     I don't think we want to go this route.

117. 
     hebasto commented at 3:32 PM on February 21, 2025: member

     So the following workflow works, and is probably what most people do: download with Safari, which automatically extracts the gz layer. Then double-click to extract the Tar in Finder. And then start bitcoind from the terminal.

     I can confirm that this workflow works.

118. 
     hebasto commented at 4:51 PM on February 21, 2025: member

     My Guix build:

     2bc98ea18648c64ddfbc4136e421e561090c49c2f497cec71ae2fcdd91a36269  guix-build-e181bda061ca/output/arm64-apple-darwin-codesigned/SHA256SUMS.part
     3bec23389e5343dadc16ab3ed2bff897519a335ed970f8288521aa7ee7bdf4be  guix-build-e181bda061ca/output/arm64-apple-darwin-codesigned/bitcoin-e181bda061ca-arm64-apple-darwin.tar.gz
     7f0b7259dc451610040e4fb5f1ef8947770a8fed363c64e00b06870bb5c94607  guix-build-e181bda061ca/output/arm64-apple-darwin-codesigned/bitcoin-e181bda061ca-arm64-apple-darwin.zip
     53b1abee1897bfd31f8244fd63fe86cad7ba49aafe01b2d8ba05f1fa9ca7ea49  guix-build-e181bda061ca/output/arm64-apple-darwin/SHA256SUMS.part
     00d4136e008ed4e93432d6aa353b1069ec1462b641fcdfd5199345113b8a49d2  guix-build-e181bda061ca/output/arm64-apple-darwin/bitcoin-e181bda061ca-arm64-apple-darwin-codesigning.tar.gz
     36ec89ca44cfbb912081a50e3b1604df14ac624b30950f006917c546359fd3bc  guix-build-e181bda061ca/output/arm64-apple-darwin/bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.tar.gz
     8d80e0e513d0c5f5a2230606165de6fd283d55d9ee4cb0eece201012e88e11e1  guix-build-e181bda061ca/output/arm64-apple-darwin/bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.zip
     ce0666f1527e5cf0f78b6dcddecc0ca9243cff8ff7086ce36d2530c085e7bb19  guix-build-e181bda061ca/output/dist-archive/bitcoin-e181bda061ca-codesignatures-affdd2113f54.tar.gz
     703b6258d896bfef505bcc02d5320b1732f3c391775772d2e6f7efc5544d9ab1  guix-build-e181bda061ca/output/dist-archive/bitcoin-e181bda061ca.tar.gz
     d29c36dfcefc7eb08963f0fb4a3126f69d6fe6673f2bc1dc3e338c0300381fe9  guix-build-e181bda061ca/output/x86_64-apple-darwin-codesigned/SHA256SUMS.part
     c6f7cc3e70bb02ea7103efde9875e450fae51bd6dea0736a1cdedc7a8c9fb6bc  guix-build-e181bda061ca/output/x86_64-apple-darwin-codesigned/bitcoin-e181bda061ca-x86_64-apple-darwin.tar.gz
     6c787dc8e40e9912065dea790a8fa2499555d5fb66d6b19afdf95422891e4894  guix-build-e181bda061ca/output/x86_64-apple-darwin-codesigned/bitcoin-e181bda061ca-x86_64-apple-darwin.zip
     3bc3e3bd4f71ccec939b0bf3e898bfd2b9324a1fe267d6d37e5d4ceb5cbb7f05  guix-build-e181bda061ca/output/x86_64-apple-darwin/SHA256SUMS.part
     c6cfcb6ebba64842ca280af3ccc74ad971cb3092ffcc2f18151a36f0a1a17fd4  guix-build-e181bda061ca/output/x86_64-apple-darwin/bitcoin-e181bda061ca-x86_64-apple-darwin-codesigning.tar.gz
     fcd053b24cc47258ea408f26188a3056086e10b1ed83b9c3f3bdc87d83626493  guix-build-e181bda061ca/output/x86_64-apple-darwin/bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.tar.gz
     e218ad851f8ab73b7461fff21de30a7b726793c92e1d424853fc1e542e177d0c  guix-build-e181bda061ca/output/x86_64-apple-darwin/bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.zip
     70828d3fcfc3fd36ae088d9b016ebdc5a344910c9c74db874e4f6e9934277eeb  guix-build-e181bda061ca/output/x86_64-w64-mingw32-codesigned/SHA256SUMS.part
     ef919b73e8d1658af4f36b66932205946826e8f28fc653d9315ea7bc297023c0  guix-build-e181bda061ca/output/x86_64-w64-mingw32-codesigned/bitcoin-e181bda061ca-win64-setup.exe
     69ad6eaa66fb8154bcdf259c0944bb2bcbc55626e22388fbbf74e7898adf30b8  guix-build-e181bda061ca/output/x86_64-w64-mingw32-codesigned/bitcoin-e181bda061ca-win64.zip
     5b3a716a791387cce1178757b6541a19871aed744e1246ed332857ba3d00dd3f  guix-build-e181bda061ca/output/x86_64-w64-mingw32/SHA256SUMS.part
     c7174f6180ecffc72ca92e2832e810c0ba6e01b0e0d93d12e87648489c40d2f7  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-codesigning.tar.gz
     dbef2b4fce7fccba81e26843408a6891e8dbe0065d18e73a0c0aa02caf9ad8b7  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-debug.zip
     40002ea190fbbb1df2808aa30c21004e7291a088cde9a743c1dce396d2671a3b  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-setup-unsigned.exe
     9a5a9d4b1379b2ef0909e5bec0359ce90f495d9f3208a22cac9ac6d595da3edc  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-unsigned.zip
     

119. 
     hebasto commented at 5:23 PM on February 21, 2025: member

     The x86_64-w64-mingw32-codesigned component—including the installer and archived binaries—has been tested on Windows 11 Pro 24H2. All signatures appear correct.

120. 
     achow101 commented at 5:37 PM on February 21, 2025: member

     But it seems that this only picks the binaries. But if I understand the Apple priests correctly, you have to send the whole package.

     The directory is passed to signapple which will proceed to zip it. The directory is the bitcoin-<commit> directory that you get when untarring the tarball. The weird find to get that is because we don't know the commit hash during codesigning. Binaries by themselves cannot be uploaded (I tried).

121. 
     Sjors commented at 5:46 PM on February 21, 2025: member

     Note that this only affects code signers so I will hold off on updating signapple in guix for now.

     Do you want to include these and then have us ACK-away at the PR?

     Or maybe wait for #31161 and rebase to make sure that didn't break anything.

122. luke-jr referenced this in commit 8f33e97276 on Feb 22, 2025
123. luke-jr referenced this in commit 5ef2722196 on Feb 22, 2025
124. luke-jr referenced this in commit 7134e054d2 on Feb 22, 2025
125. luke-jr referenced this in commit 5a8198f8fe on Feb 22, 2025
126. 
     achow101 commented at 5:27 AM on February 22, 2025: member

     Do you want to include these and then have us ACK-away at the PR?

     You can ack this as-is, the changes to signapple are not necessary for the guix environment.

     Or maybe wait for #31161 and rebase to make sure that didn't break anything.

     It shouldn't as that's not supposed to affect releases, and this does not touch cmake.

127. DrahtBot added the label CI failed on Feb 27, 2025
128. luke-jr referenced this in commit af43cec3f5 on Feb 28, 2025
129. luke-jr referenced this in commit 65567334d8 on Feb 28, 2025
130. DrahtBot removed the label CI failed on Feb 28, 2025
131. 
     Sjors commented at 12:12 PM on March 4, 2025: member

     Tested ACK e181bda061ca63021511be6e286fdf6a5818df49

     I only tested on macOS (Intel and Apple Silicon), and only lightly reviewed the code.

132. DrahtBot requested review from willcl-ark on Mar 4, 2025
133. pinheadmz approved
134. 
     pinheadmz commented at 7:19 PM on March 4, 2025: member

     tested ACK e181bda061ca63021511be6e286fdf6a5818df49

     Codesigning process works and is properly documented. tested codesigned binaries on arm64/macos. Shallow review of code looks good and certainly is in the right scope (just shell scripts modified). Will test signed win64 binary asap.

135. glozow assigned fanquake on Mar 4, 2025
136. 
     davidgumberg commented at 4:01 AM on March 5, 2025: contributor

     Tested ACK https://github.com/bitcoin/bitcoin/commit/e181bda061ca63021511be6e286fdf6a5818df49.

     Codesigned binary looks good on Windows 10:

     And both codesigned and unsigned binaries execute normally on Windows 10.

     Tested on arm macOS 10.14.6 and the codesigned binary works great as expected.

     One small issue is that it seems the unsigned binary produced by guix is failing to launch on macOS, even after performing the gatekeeper "open anyway" ceremony:

     $ open ./Bitcoin-Qt.app
     The application cannot be opened for an unexpected reason, error=Error Domain=RBSRequestErrorDomain Code=5 "Launch failed." UserInfo={NSLocalizedFailureReason=Launch failed., NSUnderlyingError=0x600003b64210 {Error Domain=NSPOSIXErrorDomain Code=153 "Unknown error: 153" UserInfo={NSLocalizedDescription=Launchd job spawn failed}}}
     

     ...but maybe this is expected or acceptable behavior?

137. 
     achow101 commented at 4:17 AM on March 5, 2025: member

     One small issue is that it seems the unsigned binary produced by guix is failing to launch on macOS, even after performing the gatekeeper "open anyway" ceremony:

     [...]

     ...but maybe this is expected or acceptable behavior?

     I believe this is expected for the unsigned binaries.

138. 
     fanquake commented at 10:09 AM on March 5, 2025: member

     I believe this is expected for the unsigned binaries.

     Can you elaborate on why this is this expected? If the unsigned binaries will no-longer work at all (regardless of any workarounds), then I assume we are going to stop uploading them entirely?

139. 
     Sjors commented at 12:37 PM on March 5, 2025: member

     @fanquake we don't publish them on the download site, but we do put them on bitcoincore.org/bin. It seems harmless, but not useful.

     The unsigned downloads still work if users (or some docker automation) self-sign, though that's pointless now that we offer a correctly signed alternative.

     Even if Apple ever revokes our certificate, afaik it's possible for users to self-sign and override our signature.[^1]

     If the user does a guix build themselves and copies the unsigned binaries using (something like) scp, then they'll run fine. But we don't have to upload them.

     On Intel macs Gatekeeper is less obnoxious, but again, we have signed binaries.

     [^1] https://developer.apple.com/forums/thread/127861

140. 
     fanquake commented at 1:36 PM on March 5, 2025: member

     @Sjors My main question is why are the unsigned binaries in this PR, behaving differently to the unsigned binaries currently produced by master, and why that new failure message/behaviour is expected?

141. 
     willcl-ark commented at 1:44 PM on March 5, 2025: member

     My guix hashes:

     d043dbd79662ee324ab809061405c71ecb4dbd9c1100ea7fcfc72bfb8e775a20  guix-build-e181bda061ca/output/aarch64-linux-gnu/SHA256SUMS.part
     09160970e038df29d6c2ae3da69adf77ac496f65e114e3bbb56272465b9c230a  guix-build-e181bda061ca/output/aarch64-linux-gnu/bitcoin-e181bda061ca-aarch64-linux-gnu-debug.tar.gz
     f94c5f7734858dfc77717849934112cceef44a80b06fb1c21f41a78733092c6a  guix-build-e181bda061ca/output/aarch64-linux-gnu/bitcoin-e181bda061ca-aarch64-linux-gnu.tar.gz
     a28ae11a5585624e18c9c85f5c4a0fb095956296817ae93a6292ec86d094e6f3  guix-build-e181bda061ca/output/arm-linux-gnueabihf/SHA256SUMS.part
     44dcd5864d1c529c431f5e80966d4efe74a14330182460ac945852bc67ad7e84  guix-build-e181bda061ca/output/arm-linux-gnueabihf/bitcoin-e181bda061ca-arm-linux-gnueabihf-debug.tar.gz
     cff965267e9a25f8df0d36f04294be555d572dd7336bf5019c47a28f605cc489  guix-build-e181bda061ca/output/arm-linux-gnueabihf/bitcoin-e181bda061ca-arm-linux-gnueabihf.tar.gz
     2bc98ea18648c64ddfbc4136e421e561090c49c2f497cec71ae2fcdd91a36269  guix-build-e181bda061ca/output/arm64-apple-darwin-codesigned/SHA256SUMS.part
     3bec23389e5343dadc16ab3ed2bff897519a335ed970f8288521aa7ee7bdf4be  guix-build-e181bda061ca/output/arm64-apple-darwin-codesigned/bitcoin-e181bda061ca-arm64-apple-darwin.tar.gz
     7f0b7259dc451610040e4fb5f1ef8947770a8fed363c64e00b06870bb5c94607  guix-build-e181bda061ca/output/arm64-apple-darwin-codesigned/bitcoin-e181bda061ca-arm64-apple-darwin.zip
     53b1abee1897bfd31f8244fd63fe86cad7ba49aafe01b2d8ba05f1fa9ca7ea49  guix-build-e181bda061ca/output/arm64-apple-darwin/SHA256SUMS.part
     00d4136e008ed4e93432d6aa353b1069ec1462b641fcdfd5199345113b8a49d2  guix-build-e181bda061ca/output/arm64-apple-darwin/bitcoin-e181bda061ca-arm64-apple-darwin-codesigning.tar.gz
     36ec89ca44cfbb912081a50e3b1604df14ac624b30950f006917c546359fd3bc  guix-build-e181bda061ca/output/arm64-apple-darwin/bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.tar.gz
     8d80e0e513d0c5f5a2230606165de6fd283d55d9ee4cb0eece201012e88e11e1  guix-build-e181bda061ca/output/arm64-apple-darwin/bitcoin-e181bda061ca-arm64-apple-darwin-unsigned.zip
     ce0666f1527e5cf0f78b6dcddecc0ca9243cff8ff7086ce36d2530c085e7bb19  guix-build-e181bda061ca/output/dist-archive/bitcoin-e181bda061ca-codesignatures-affdd2113f54.tar.gz
     703b6258d896bfef505bcc02d5320b1732f3c391775772d2e6f7efc5544d9ab1  guix-build-e181bda061ca/output/dist-archive/bitcoin-e181bda061ca.tar.gz
     32e34ff5601083f706a1638bd140395446c5613a65383a2b3a275e1c9d7236f1  guix-build-e181bda061ca/output/powerpc64-linux-gnu/SHA256SUMS.part
     19cae39114674afdde3884fc494b654c3c233a39756a993909391b6dc985fcd6  guix-build-e181bda061ca/output/powerpc64-linux-gnu/bitcoin-e181bda061ca-powerpc64-linux-gnu-debug.tar.gz
     9c92cb2220d4431d86b63e5ab9c7d3dee64d9690c2ade7ccca396f1a1e48bb16  guix-build-e181bda061ca/output/powerpc64-linux-gnu/bitcoin-e181bda061ca-powerpc64-linux-gnu.tar.gz
     5a472ba05a65577eb9849b6b478976aa206646e69c67fccb3687e80416596352  guix-build-e181bda061ca/output/riscv64-linux-gnu/SHA256SUMS.part
     a529f947b177769e5e799aaca47cdd70fbb1063d5d0f932b31bc4405647e108f  guix-build-e181bda061ca/output/riscv64-linux-gnu/bitcoin-e181bda061ca-riscv64-linux-gnu-debug.tar.gz
     afc182cc6cfac92e83b83f173aef4ab90e48551bc3bce101959a9d9a2f49c216  guix-build-e181bda061ca/output/riscv64-linux-gnu/bitcoin-e181bda061ca-riscv64-linux-gnu.tar.gz
     d29c36dfcefc7eb08963f0fb4a3126f69d6fe6673f2bc1dc3e338c0300381fe9  guix-build-e181bda061ca/output/x86_64-apple-darwin-codesigned/SHA256SUMS.part
     c6f7cc3e70bb02ea7103efde9875e450fae51bd6dea0736a1cdedc7a8c9fb6bc  guix-build-e181bda061ca/output/x86_64-apple-darwin-codesigned/bitcoin-e181bda061ca-x86_64-apple-darwin.tar.gz
     6c787dc8e40e9912065dea790a8fa2499555d5fb66d6b19afdf95422891e4894  guix-build-e181bda061ca/output/x86_64-apple-darwin-codesigned/bitcoin-e181bda061ca-x86_64-apple-darwin.zip
     3bc3e3bd4f71ccec939b0bf3e898bfd2b9324a1fe267d6d37e5d4ceb5cbb7f05  guix-build-e181bda061ca/output/x86_64-apple-darwin/SHA256SUMS.part
     c6cfcb6ebba64842ca280af3ccc74ad971cb3092ffcc2f18151a36f0a1a17fd4  guix-build-e181bda061ca/output/x86_64-apple-darwin/bitcoin-e181bda061ca-x86_64-apple-darwin-codesigning.tar.gz
     fcd053b24cc47258ea408f26188a3056086e10b1ed83b9c3f3bdc87d83626493  guix-build-e181bda061ca/output/x86_64-apple-darwin/bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.tar.gz
     e218ad851f8ab73b7461fff21de30a7b726793c92e1d424853fc1e542e177d0c  guix-build-e181bda061ca/output/x86_64-apple-darwin/bitcoin-e181bda061ca-x86_64-apple-darwin-unsigned.zip
     327038413e7325f9d82687ebe063f4a5ce4dfce3cf95af071b376d96a261a6b5  guix-build-e181bda061ca/output/x86_64-linux-gnu/SHA256SUMS.part
     85e59bae13a52da47ecfd84d1f68578167ebef3b1f01195ad2ab3bd95cbc4c79  guix-build-e181bda061ca/output/x86_64-linux-gnu/bitcoin-e181bda061ca-x86_64-linux-gnu-debug.tar.gz
     98a1a05649608451e1ecd6624bc8a29bfde0b807814297c6ed081c3fcdf1d008  guix-build-e181bda061ca/output/x86_64-linux-gnu/bitcoin-e181bda061ca-x86_64-linux-gnu.tar.gz
     70828d3fcfc3fd36ae088d9b016ebdc5a344910c9c74db874e4f6e9934277eeb  guix-build-e181bda061ca/output/x86_64-w64-mingw32-codesigned/SHA256SUMS.part
     ef919b73e8d1658af4f36b66932205946826e8f28fc653d9315ea7bc297023c0  guix-build-e181bda061ca/output/x86_64-w64-mingw32-codesigned/bitcoin-e181bda061ca-win64-setup.exe
     69ad6eaa66fb8154bcdf259c0944bb2bcbc55626e22388fbbf74e7898adf30b8  guix-build-e181bda061ca/output/x86_64-w64-mingw32-codesigned/bitcoin-e181bda061ca-win64.zip
     5b3a716a791387cce1178757b6541a19871aed744e1246ed332857ba3d00dd3f  guix-build-e181bda061ca/output/x86_64-w64-mingw32/SHA256SUMS.part
     c7174f6180ecffc72ca92e2832e810c0ba6e01b0e0d93d12e87648489c40d2f7  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-codesigning.tar.gz
     dbef2b4fce7fccba81e26843408a6891e8dbe0065d18e73a0c0aa02caf9ad8b7  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-debug.zip
     40002ea190fbbb1df2808aa30c21004e7291a088cde9a743c1dce396d2671a3b  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-setup-unsigned.exe
     9a5a9d4b1379b2ef0909e5bec0359ce90f495d9f3208a22cac9ac6d595da3edc  guix-build-e181bda061ca/output/x86_64-w64-mingw32/bitcoin-e181bda061ca-win64-unsigned.zip
     

     @hebasto's are in a different order/selected differently, but the ones I manually checked seem to match...

     Will test downloading the apple bins on arm64 macOS 15 shortly

142. 
     Sjors commented at 1:55 PM on March 5, 2025: member

     behaving differently to the unsigned binaries currently produced by master

     I don't think they are. @davidgumberg did you compare this behavior against master? @willcl-ark Hebasto (and me) typically uses:

     find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
     

143. 
     fanquake commented at 1:57 PM on March 5, 2025: member

     I don't think they are. @davidgumberg did you compare this behavior against master?

     #31407 (comment).

144. 
     hebasto commented at 2:35 PM on March 5, 2025: member

     @hebasto's are in a different order/selected differently, but the ones I manually checked seem to match...

     Here is my shell command:

     find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
     

     UPD. Actually, it is the same as in #31407 (comment).

145. 
     achow101 commented at 5:09 PM on March 5, 2025: member

     I don't think they are. @davidgumberg did you compare this behavior against master?

     #31407 (comment).

     There's no comparison against master in that comment.

     Just tried opening the 28.1 unsigned app and it gives the exact same error.

     Furthermore, this PR does not touch unsigned binaries at all. If there is a regression there, it's caused by something else.

     Can you elaborate on why this is this expected?

     Opening an app as @davidgumberg did is always going to result in that error. MacOS has significant restrictions on apps, which is why we need to do this whole sign and notarize song and dance.

     If the unsigned binaries will no-longer work at all (regardless of any workarounds), then I assume we are going to stop uploading them entirely?

     We still include them in the SHA256SUMS which was the stated reason for uploading all guix build artifacts, including things that are irrelevant to end users like the codesigning tarballs. So presumably we will continue to upload them to /bin, although not link to them from the downloads page.

146. fanquake referenced this in commit 72e0fb35a8 on Mar 5, 2025
147. 
     fanquake commented at 5:23 PM on March 5, 2025: member

     If any other followups are needed, we can bundle them into #32003.

148. fanquake merged this on Mar 5, 2025
149. fanquake closed this on Mar 5, 2025

     ---

150. fanquake referenced this in commit c873ab6f23 on Mar 5, 2025
151. 
     achow101 commented at 6:08 PM on March 5, 2025: member

     So that we're clear on this, here is a test of each of the binaries from master, 28.1, and this PR on latest MacOS on arm64 and x86_64. All binaries downloaded through Safari.

     • 28.1 on MacOS 15.3.1 on Arm64

       <details>

     Unsigned binaries:

     • Finder double click:
       • bitcoin-cli: Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-qt: Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-tx: Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-util: Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-wallet: Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoind: Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • test_bitcoin: Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal:
       • ./bitcoin-cli: zsh: killed ./bitcoin-cli. Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons,, Done" and "Move to Trash".
       • ./bitcoin-qt: zsh: killed ./bitcoin-qt. Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-tx: zsh: killed ./bitcoin-tx. Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-util: zsh: killed ./bitcoin-util. Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-wallet: zsh: killed ./bitcoin-wallet. Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoind: zsh: killed ./bitcoind. Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./test_bitcoin: zsh: killed ./test_bitcoin. Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     Unsigned binaries after workaround

     • Finder double click:
       • bitcoin-cli: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-qt: Opens terminal and runs as if no arguments are passed - GUI runs
       • bitcoin-tx: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-util: Opens terminal and runs as if no arguments are passed - prints "Error: Must specify a command"
       • bitcoin-wallet: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoind: Opens terminal and runs as if no arguments are passed - bitcoind starts
       • test_bitcoin: Opens terminal and runs as if no arguments are passed - all unit tests run and pass
     • Terminal:
       • bitcoin-cli: Works as expected
       • bitcoin-qt: Works as expected
       • bitcoin-tx: Works as expected
       • bitcoin-util: Works as expected
       • bitcoin-wallet: Works as expected
       • bitcoind: Works as expected
       • test_bitcoin: Works as expected

     Unsigned app

     • Finder double click: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal open Bitcoin-Qt.app: The application cannot be opened for an unexpected reason, error=Error Domain=RBSRequestErrorDomain Code=5 "Launch failed." UserInfo={NSLocalizedFailureReason=Launch failed., NSUnderlyingError=0x6000007ac0f0 {Error Domain=NSPOSIXErrorDomain Code=153 "Unknown error: 153" UserInfo={NSLocalizedDescription=Launchd job spawn failed}}}. Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     Signed app

     • Finder double click: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     • Terminal open Bitcoin-Qt.app: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

       </details>

     • Master (0391d7e4c24e) on MacOS 15.3.1 on arm64

       <details>

     Unsigned binaries:

     • Finder double click:
       • bitcoin-cli: Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-qt: Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-tx: Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-util: Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-wallet: Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoind: Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • test_bitcoin: Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal:
       • ./bitcoin-cli: zsh: killed ./bitcoin-cli. Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons,, Done" and "Move to Trash".
       • ./bitcoin-qt: zsh: killed ./bitcoin-qt. Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-tx: zsh: killed ./bitcoin-tx. Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-util: zsh: killed ./bitcoin-util. Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-wallet: zsh: killed ./bitcoin-wallet. Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoind: zsh: killed ./bitcoind. Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./test_bitcoin: zsh: killed ./test_bitcoin. Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     Unsigned binaries after workaround

     • Finder double click:
       • bitcoin-cli: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-qt: Opens terminal and runs as if no arguments are passed - GUI runs
       • bitcoin-tx: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-util: Opens terminal and runs as if no arguments are passed - prints "Error: Must specify a command"
       • bitcoin-wallet: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoind: Opens terminal and runs as if no arguments are passed - bitcoind starts
       • test_bitcoin: Opens terminal and runs as if no arguments are passed - all unit tests run and pass
     • Terminal:
       • bitcoin-cli: Works as expected
       • bitcoin-qt: Works as expected
       • bitcoin-tx: Works as expected
       • bitcoin-util: Works as expected
       • bitcoin-wallet: Works as expected
       • bitcoind: Works as expected
       • test_bitcoin: Works as expected

     Unsigned app

     • Finder double click: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal open Bitcoin-Qt.app: The application cannot be opened for an unexpected reason, error=Error Domain=RBSRequestErrorDomain Code=5 "Launch failed." UserInfo={NSLocalizedFailureReason=Launch failed., NSUnderlyingError=0x6000012cc360 {Error Domain=NSPOSIXErrorDomain Code=153 "Unknown error: 153" UserInfo={NSLocalizedDescription=Launchd job spawn failed}}}. Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     </details>

     • PR (e181bda061ca) on MacOS 15.3.1 on arm64

       <details>

     Unsigned binaries:

     • Finder double click:
       • bitcoin-cli: Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-qt: Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-tx: Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-util: Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-wallet: Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoind: Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • test_bitcoin: Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal:
       • ./bitcoin-cli: zsh: killed ./bitcoin-cli. Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons,, Done" and "Move to Trash".
       • ./bitcoin-qt: zsh: killed ./bitcoin-qt. Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-tx: zsh: killed ./bitcoin-tx. Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-util: zsh: killed ./bitcoin-util. Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-wallet: zsh: killed ./bitcoin-wallet. Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoind: zsh: killed ./bitcoind. Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./test_bitcoin: zsh: killed ./test_bitcoin. Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     Unsigned binaries after workaround

     • Finder double click:
       • bitcoin-cli: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-qt: Opens terminal and runs as if no arguments are passed - GUI runs
       • bitcoin-tx: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-util: Opens terminal and runs as if no arguments are passed - prints "Error: Must specify a command"
       • bitcoin-wallet: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoind: Opens terminal and runs as if no arguments are passed - bitcoind starts
       • test_bitcoin: Opens terminal and runs as if no arguments are passed - all unit tests run and pass
     • Terminal:
       • bitcoin-cli: Works as expected
       • bitcoin-qt: Works as expected
       • bitcoin-tx: Works as expected
       • bitcoin-util: Works as expected
       • bitcoin-wallet: Works as expected
       • bitcoind: Works as expected
       • test_bitcoin: Works as expected

     Unsigned app

     • Finder double click: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal open Bitcoin-Qt.app: The application cannot be opened for an unexpected reason, error=Error Domain=RBSRequestErrorDomain Code=5 "Launch failed." UserInfo={NSLocalizedFailureReason=Launch failed., NSUnderlyingError=0x6000005f4750 {Error Domain=NSPOSIXErrorDomain Code=153 "Unknown error: 153" UserInfo={NSLocalizedDescription=Launchd job spawn failed}}}. Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     Signed and Notarized binaries

     • Finder double click:
       • bitcoin-cli: Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-qt: Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-tx: Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-util: Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-wallet: Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoind: Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • test_bitcoin: Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal:
       • bitcoin-cli: Works as expected
       • bitcoin-qt: Works as expected
       • bitcoin-tx: Works as expected
       • bitcoin-util: Works as expected
       • bitcoin-wallet: Works as expected
       • bitcoind: Works as expected
       • test_bitcoin: Works as expected

     Signed and Notarized binaries after xattr -d com.apple.quarantine workaround

     • Finder double click:
       • bitcoin-cli: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-qt: Opens terminal and runs as if no arguments are passed - GUI runs
       • bitcoin-tx: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-util: Opens terminal and runs as if no arguments are passed - prints "Error: Must specify a command"
       • bitcoin-wallet: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoind: Opens terminal and runs as if no arguments are passed - bitcoind starts
       • test_bitcoin: Opens terminal and runs as if no arguments are passed - all unit tests run and pass
     • Terminal:
       • bitcoin-cli: Works as expected
       • bitcoin-qt: Works as expected
       • bitcoin-tx: Works as expected
       • bitcoin-util: Works as expected
       • bitcoin-wallet: Works as expected
       • bitcoind: Works as expected
       • test_bitcoin: Works as expected

     Signed and Notarized app

     • Finder double click: Warning dialog with ""Bitcoin Core" is an app downloaded from the Internet. Are you sure you want to open it?" "Safari downloaded this file today at 10:01 AM. Apple checked it for malicious software and non was detected." Two buttons "Cancel" and "Open". Clicking "Open" runs GUI as expected.

     • Terminal open Bitcoin-Qt.app: Warning dialog with ""Bitcoin Core" is an app downloaded from the Internet. Are you sure you want to open it?" "Safari downloaded this file today at 10:01 AM. Apple checked it for malicious software and non was detected." Two buttons "Cancel" and "Open". Clicking "Open" runs GUI as expected.

       </details>

     • 28.1 on MacOS 15.3.1 on x86_64

       <details>

     Unsigned binaries:

     • Finder double click:
       • bitcoin-cli: Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-qt: Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-tx: Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-util: Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-wallet: Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoind: Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • test_bitcoin: Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal:
       • ./bitcoin-cli: zsh: killed ./bitcoin-cli. Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons,, Done" and "Move to Trash".
       • ./bitcoin-qt: zsh: killed ./bitcoin-qt. Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-tx: zsh: killed ./bitcoin-tx. Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-util: zsh: killed ./bitcoin-util. Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-wallet: zsh: killed ./bitcoin-wallet. Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoind: zsh: killed ./bitcoind. Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./test_bitcoin: zsh: killed ./test_bitcoin. Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     Unsigned binaries after workaround

     • Finder double click:
       • bitcoin-cli: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-qt: Opens terminal and runs as if no arguments are passed - GUI runs
       • bitcoin-tx: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-util: Opens terminal and runs as if no arguments are passed - prints "Error: Must specify a command"
       • bitcoin-wallet: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoind: Opens terminal and runs as if no arguments are passed - bitcoind starts
       • test_bitcoin: Opens terminal and runs as if no arguments are passed - all unit tests run and pass
     • Terminal:
       • bitcoin-cli: Works as expected
       • bitcoin-qt: Works as expected
       • bitcoin-tx: Works as expected
       • bitcoin-util: Works as expected
       • bitcoin-wallet: Works as expected
       • bitcoind: Works as expected
       • test_bitcoin: Works as expected

     Unsigned app

     • Finder double click: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal open Bitcoin-Qt.app: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     Signed app

     • Finder double click: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     • Terminal open Bitcoin-Qt.app: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

       </details>

     • Master (0391d7e4c24e) on MacOS 15.3.1 on x86_64

       <details>

     Unsigned binaries:

     • Finder double click:
       • bitcoin-cli: Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-qt: Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-tx: Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-util: Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-wallet: Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoind: Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • test_bitcoin: Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal:
       • ./bitcoin-cli: zsh: killed ./bitcoin-cli. Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons,, Done" and "Move to Trash".
       • ./bitcoin-qt: zsh: killed ./bitcoin-qt. Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-tx: zsh: killed ./bitcoin-tx. Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-util: zsh: killed ./bitcoin-util. Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-wallet: zsh: killed ./bitcoin-wallet. Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoind: zsh: killed ./bitcoind. Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./test_bitcoin: zsh: killed ./test_bitcoin. Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     Unsigned binaries after workaround

     • Finder double click:
       • bitcoin-cli: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-qt: Opens terminal and runs as if no arguments are passed - GUI runs
       • bitcoin-tx: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-util: Opens terminal and runs as if no arguments are passed - prints "Error: Must specify a command"
       • bitcoin-wallet: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoind: Opens terminal and runs as if no arguments are passed - bitcoind starts
       • test_bitcoin: Opens terminal and runs as if no arguments are passed - all unit tests run and pass
     • Terminal:
       • bitcoin-cli: Works as expected
       • bitcoin-qt: Works as expected
       • bitcoin-tx: Works as expected
       • bitcoin-util: Works as expected
       • bitcoin-wallet: Works as expected
       • bitcoind: Works as expected
       • test_bitcoin: Works as expected

     Unsigned app

     • Finder double click: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal open Bitcoin-Qt.app: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     </details>

     • PR (e181bda061ca) on MacOS 15.3.1 on x86_64

       <details>

     Unsigned binaries:

     • Finder double click:
       • bitcoin-cli: Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-qt: Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-tx: Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-util: Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-wallet: Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoind: Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • test_bitcoin: Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal:
       • ./bitcoin-cli: zsh: killed ./bitcoin-cli. Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons,, Done" and "Move to Trash".
       • ./bitcoin-qt: zsh: killed ./bitcoin-qt. Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-tx: zsh: killed ./bitcoin-tx. Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-util: zsh: killed ./bitcoin-util. Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoin-wallet: zsh: killed ./bitcoin-wallet. Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./bitcoind: zsh: killed ./bitcoind. Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • ./test_bitcoin: zsh: killed ./test_bitcoin. Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     Unsigned binaries after workaround

     • Finder double click:
       • bitcoin-cli: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-qt: Opens terminal and runs as if no arguments are passed - GUI runs
       • bitcoin-tx: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-util: Opens terminal and runs as if no arguments are passed - prints "Error: Must specify a command"
       • bitcoin-wallet: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoind: Opens terminal and runs as if no arguments are passed - bitcoind starts
       • test_bitcoin: Opens terminal and runs as if no arguments are passed - all unit tests run and pass
     • Terminal:
       • bitcoin-cli: Works as expected
       • bitcoin-qt: Works as expected
       • bitcoin-tx: Works as expected
       • bitcoin-util: Works as expected
       • bitcoin-wallet: Works as expected
       • bitcoind: Works as expected
       • test_bitcoin: Works as expected

     Unsigned app

     • Finder double click: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal open Bitcoin-Qt.app: Error dialog with "Apple could not verify "Bitcoin Core" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".

     Signed and Notarized binaries

     • Finder double click:
       • bitcoin-cli: Error dialog with "Apple could not verify "bitcoin-cli" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-qt: Error dialog with "Apple could not verify "bitcoin-qt" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-tx: Error dialog with "Apple could not verify "bitcoin-tx" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-util: Error dialog with "Apple could not verify "bitcoin-util" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoin-wallet: Error dialog with "Apple could not verify "bitcoin-wallet" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • bitcoind: Error dialog with "Apple could not verify "bitcoind" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
       • test_bitcoin: Error dialog with "Apple could not verify "test_bitcoin" is free of malware and may harm your Mac or compromise your privacy". Two buttons, "Done" and "Move to Trash".
     • Terminal:
       • bitcoin-cli: Works as expected
       • bitcoin-qt: Works as expected
       • bitcoin-tx: Works as expected
       • bitcoin-util: Works as expected
       • bitcoin-wallet: Works as expected
       • bitcoind: Works as expected
       • test_bitcoin: Works as expected

     Signed and Notarized binaries after xattr -d com.apple.quarantine workaround

     • Finder double click:
       • bitcoin-cli: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-qt: Opens terminal and runs as if no arguments are passed - GUI runs
       • bitcoin-tx: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoin-util: Opens terminal and runs as if no arguments are passed - prints "Error: Must specify a command"
       • bitcoin-wallet: Opens terminal and runs as if no arguments are passed - prints help
       • bitcoind: Opens terminal and runs as if no arguments are passed - bitcoind starts
       • test_bitcoin: Opens terminal and runs as if no arguments are passed - all unit tests run and pass
     • Terminal:
       • bitcoin-cli: Works as expected
       • bitcoin-qt: Works as expected
       • bitcoin-tx: Works as expected
       • bitcoin-util: Works as expected
       • bitcoin-wallet: Works as expected
       • bitcoind: Works as expected
       • test_bitcoin: Works as expected

     Signed and Notarized app

     • Finder double click: Warning dialog with ""Bitcoin Core" is an app downloaded from the Internet. Are you sure you want to open it?" "Safari downloaded this file today at 10:23 AM. Apple checked it for malicious software and non was detected." Two buttons "Cancel" and "Open". Clicking "Open" runs GUI as expected.
     • Terminal open Bitcoin-Qt.app: Warning dialog with ""Bitcoin Core" is an app downloaded from the Internet. Are you sure you want to open it?" "Safari downloaded this file today at 10:23 AM. Apple checked it for malicious software and non was detected." Two buttons "Cancel" and "Open". Clicking "Open" runs GUI as expected.

       </details>

152. achow101 referenced this in commit a9a2b669f3 on Mar 6, 2025
153. TheCharlatan referenced this in commit 2cab7a09ea on Mar 16, 2025
154. stickies-v referenced this in commit d760fd3dda on Mar 17, 2025
155. stickies-v referenced this in commit cc83553352 on Mar 17, 2025
156. stickies-v referenced this in commit 2614933f06 on Mar 17, 2025
157. stickies-v referenced this in commit b70418c5fc on Mar 17, 2025
158. stickies-v referenced this in commit 69f8a1fe50 on Mar 17, 2025
159. 
     achow101 commented at 6:29 PM on May 17, 2025: member

     Perhaps this should be backported to all current release branches?

160. fanquake referenced this in commit 82a96c416b on May 19, 2025
161. fanquake referenced this in commit 398caff58e on May 19, 2025
162. fanquake referenced this in commit 840a1dcdfe on May 19, 2025
163. fanquake referenced this in commit 26211e0f0e on May 19, 2025
164. fanquake referenced this in commit 0e36154386 on May 19, 2025
165. fanquake referenced this in commit 6eb425e598 on May 19, 2025
166. fanquake referenced this in commit ca4c96d5a1 on May 19, 2025
167. fanquake referenced this in commit 95b5b0a36c on May 19, 2025
168. fanquake referenced this in commit 428ff8b0da on May 19, 2025
169. fanquake referenced this in commit fcbccf3ba0 on May 19, 2025
170. 
     fanquake commented at 12:47 PM on May 19, 2025: member

     I've opened something (not-yet-fully-tested) here #32563 for 28.x.

Contributors

achow101DrahtBotedilmedeirosSjorslaanwjsipapinheadmzhebastofanquakewillcl-arkdarosiorTheCharlatandavidgumberg

Review Requested
davidgumbergwillcl-arkdarosiorhebastostickies-v

Milestone
29.0