Hi, wolf writes: > Hmm, but the recipe for the authenticate rule comes from the (possibly) > compromised source, no? So the attacker can just modify the recipe instead of > the command going the authentication. Am I missing something? You can use a previously trusted guix to do the authentication. `make authenticate` is here for committers to check that their commits are all properly signed before pushing (it's used as a pre-push hook). Best, -- Josselin Poiret