Skip to content

Instantly share code, notes, and snippets.

@eriknylund

eriknylund/mycelium-v3.11.0.4-repro.md

Last active October 10, 2021 12:11
Show Gist options
  • Save eriknylund/d4525058d605647fdf3a37fe4f174a40 to your computer and use it in GitHub Desktop.
Save eriknylund/d4525058d605647fdf3a37fe4f174a40 to your computer and use it in GitHub Desktop.
Download ZIP
Mycelium v3.11.0.4 reproducible build
Raw
mycelium-v3.11.0.4-repro.md

Mycelium v3.11.0.4 repro

Instructions

Setup

  • Digital Ocean Debian 11 x64
# Setup Docker
apt update && 
apt install -y \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update && \
apt install -y \
    docker-ce \
    docker-ce-cli \
    containerd.io

Build

git clone https://github.com/mycelium-com/wallet-android.git
pushd wallet-android
git submodule update --init --recursive
git checkout v3.11.0.4
docker build . --tag mycelium-wallet

# Use disorderfs to eliminate non-determinism caused by file ordering
apt install -y disorderfs
mkdir /tmp/s
disorderfs --sort-dirents=yes --reverse-dirents=no --multi-user=yes $PWD /tmp/s
pushd /tmp/s

# Build Mycelium using Docker
docker run --rm --volume $(pwd):/project --workdir /project -it mycelium-wallet bash
yes | /opt/android-sdk/tools/bin/sdkmanager "build-tools;28.0.3"
./gradlew clean :mbw:assProdRel
exit

popd
popd

Pull APK from phone using macOS

brew install android-platform-tools
# https://developer.android.com/studio/debug/dev-options
# https://developer.android.com/studio/debug/dev-options#enable
export FILENAME=`adb shell dumpsys package com.mycelium.wallet | grep versionName | awk -F "=" '{printf "mycelium-%s.apk\n",$2}'`
adb pull `adb shell pm path com.mycelium.wallet | awk -F ":" '{print $NF}'` $FILENAME
shasum -a 256 $FILENAME
# Copy APK to Digital Ocean disposable VM 
scp $FILENAME root@<digital-ocean-vm-ip-goes-here>:

Verify

apt install -y unzip
unzip -d unsigned /tmp/s/mbw/build/outputs/apk/prodnet/release/mbw-prodnet-release.apk
unzip -d signed mycelium-3.11.0.4.apk

# If no files except CERT.RSA, CERT.SF and MANIFEST.MF differ then we have a reproducible build
diff -qr signed unsigned | grep -v "META-INF/CERT.RSA\|META-INF/CERT.SF\|META-INF/MANIFEST.MF"

docker run --rm --volume $(pwd)/signed:/signed --workdir /signed -it mycelium-wallet keytool -printcert -file META-INF/CERT.RSA
sha256sum mycelium-3.11.0.4.apk

Video

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment