Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Users getting misleaded by JAR snapshot checksums #1451

Open
XMRZombie opened this issue Dec 3, 2024 · 1 comment
Open

Users getting misleaded by JAR snapshot checksums #1451

XMRZombie opened this issue Dec 3, 2024 · 1 comment

Comments

@XMRZombie
Copy link
Contributor

Basically when building packages the code gives a checksum from the jar binary of haveno, but people are comparing this checksum with packages which can be misleading.
@boldsuck
Copy link
Contributor

Maybe include it in the release notes, like bisq

  1. Download, Import & Trust GPG key.

  2. How to verify signatures?
    gpg --verify haveno-linux-deb.zip.sig && sha512sum haveno-linux-deb.zip

  3. (Optional¹) Verify jar file inside binary:
    shasum -a256 /opt/haveno/lib/app/desktop-*.jar

¹I only did that once or twice

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@boldsuck @XMRZombie