Hi, > If someone copies Guix to guix.theirhoster.com
…then such a copy will simply be ignored by your local checkout, mine, or anyone else's, unless we explicitly choose to use that new URL. Same as before - no authentication (of frozenpigs or anyone else) is needed to tell it apart. If you want, I can set up such a repo, with my commits pretending to be "frozenpigs", and you can run `guix pull`. I guarantee you won't get any authentication complaints - because you're not pulling from that repo in the first place. > Modified histories, yes, but modified futures, no. In Git, just like in reality, neither the past nor the future can be modified. If we try to "rewrite" the past, we don't change it - we simply create a new, different history, with different hashes. Git recognizes that new history as something distinct, not as a "modified future". Again, no authentication is needed to detect such a case. Cheers, Bost
