A lot of this bootstrapping stuff comes back to the ‘trusting trust’ attack. You could write a compiler that adds some malicious code to programs it compiles. But the thing is, it could also insert it’s own malicious code when compiling a compiler. So you look at your code, and the code of your compiler, and everything looks fine, but the exploit is still there. Someone wrote an example in rust.
Theoretically there could also be bugs that propagate this way. So to fully trust your code is doing what you think it is, you’d need a chain of compilers back to hand coded assembly.
A lot of this bootstrapping stuff comes back to the ‘trusting trust’ attack. You could write a compiler that adds some malicious code to programs it compiles. But the thing is, it could also insert it’s own malicious code when compiling a compiler. So you look at your code, and the code of your compiler, and everything looks fine, but the exploit is still there. Someone wrote an example in rust.
Theoretically there could also be bugs that propagate this way. So to fully trust your code is doing what you think it is, you’d need a chain of compilers back to hand coded assembly.