Nice work Fossy and co.<p>I believe this is this is the dependency chain your live-bootstrap works through:
<a href="https://github.com/oriansj/talk-notes/raw/master/live-bootstrap.pdf" rel="nofollow">https://github.com/oriansj/talk-notes/raw/master/live-bootst...</a>
See also Bellard's TCCBOOT, which is based on the far simpler TCC instead of GCC: <a href="https://bellard.org/tcc/tccboot.html" rel="nofollow">https://bellard.org/tcc/tccboot.html</a>
This is cool as heck. Outside of architectural attacks, this seems like a practical response to Reflections on Trusting Trust (<a href="http://users.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf" rel="nofollow">http://users.ece.cmu.edu/~ganger/712.fall02/papers/p761-thom...</a>).<p>While we can definitely discuss whether it's practical for anyone to actually audit all that source code (no it is not), proving a 356 bytes codestream isn't malicious seems like a good foundation to argue about.
See also blynn-compiler[0], made by the same contributors, that bootstrap a Haskell compiler from C (which in term is bootstrapped from hex).<p>[0] <a href="https://github.com/oriansj/blynn-compiler" rel="nofollow">https://github.com/oriansj/blynn-compiler</a>
See this doc for how the full process works:
<a href="https://github.com/fosslinux/live-bootstrap/blob/master/parts.rst" rel="nofollow">https://github.com/fosslinux/live-bootstrap/blob/master/part...</a><p>In particular, this the very first step:
<a href="https://github.com/oriansj/stage0-posix/blob/master/x86/hex0_x86.hex0" rel="nofollow">https://github.com/oriansj/stage0-posix/blob/master/x86/hex0...</a> (or its hand-edited binary version ?)<p>Edit: this how it's "assembled":<p><pre><code> sed 's/[;#].*$//g' $input_file | xxd -r -p > $output_file
</code></pre>
See: <a href="https://github.com/oriansj/bootstrap-seeds/blob/master/README.md" rel="nofollow">https://github.com/oriansj/bootstrap-seeds/blob/master/READM...</a>
I wonder if Brainfuck could be used for <a href="https://github.com/oriansj/stage0-posix" rel="nofollow">https://github.com/oriansj/stage0-posix</a> ? It would not surprise me if there is no other language for which there are so many interpreters written in so many different programming languages. It is even possible to write a Brainfuck interpreter in Brainfuck, which can be verified. And there is also a Brainfuck interpreter written in x86-64: <a href="https://github.com/316k/brainfuck-x86-64" rel="nofollow">https://github.com/316k/brainfuck-x86-64</a> . It is a little larger than hex0_x86.hex0 , but not too much to make it hard to verify.