I see in /opt/firefox two executable files: firefox and firefox-bin with the same sha256 hash. Why is it? In /usr/bin/firefox-bin, we run /opt/firefox/firefox.
I don't know why Mozilla's build system creates "firefox" and "firefox-bin" all the time. When you search Mozilla's bugzilla you will find bugs like https://bugzilla.mozilla.org/show_bug.cgi?id=552864 or https://bugzilla.mozilla.org/show_bug.cgi?id=658850. In general I would say we should backport https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=29945375567a11ba088d76b72d52bcdb54f1486a for firefox-bin. In this case also need to deal with *.sig file. But when you view firefox-60.0.2 release for example (https://ftp.mozilla.org/pub/firefox/releases/60.0.2/linux-x86_64/en-US/) you will notice that "firefox" and "firefox-bin" binary are different. Not sure if this was a bug...
I didn't know about file size for different versions. So, I think this is not a bug.
We still create both files to be compatible with upstream/bin package but we do a symlink for the second file.