Help building python application from source

[Peter Pearson]

On Fri, 28 Feb 2020 18:49:58 -0800, Mr. Lee Chiffre wrote:
[snip]
> I am a python noob. This is why I ask the python masters. There is a
> python software I want to install on the server it is called Electrumx.
> https://github.com/kyuupichan/electrumx is the link. I am having troubles
> with installing this.
> The short version is I am wanting to build this python application and
> needed dependencies from source code all from a local directory without
> relying on the python pip package servers. I only run software I can
> compile from source code because this is the only way to trust open source
> software. I also want to archive the software I use and be able to install
> it on systems in a grid down situation without relying on other servers
> such as python package servers.

(To make OP's requirements plainly visible, note that this appears to
be a cryptocurrency application.)

I'd suggest that building everything from source code might not be a
realistic solution to your security concerns.  I don't know what your
threat model is, but if it's something like, "Hackers and gangsters
who scatter password-harvesting trojans across the globe and then shlurp
up what they can," you might find that you get better security by
generating your keys on a computer that never communicates with the
outside world.  

Your concerns are (1) that the random numbers from which your keys have
been corrupted to make them predictable, or (2) that malicious software
will send your keys to the bad guys.  Isolating the key-generation
machine takes care of #2.  If you have Python code for generating keys,
something as simple as XORing a fixed value of your choice with its
random numbers will take care of #1.  I admit that using an isolated
machine introduces a lot of inconveniences, but I bet it compares
favorably with building everything from source.

-- 
To email me, substitute nowhere->runbox, invalid->com.