coinbin icon indicating copy to clipboard operation
coinbin copied to clipboard
verified publisher icon OutCast3k

sha1sum file is not gpg verified

Open steveeq1 opened this issue 7 years ago • 2 comments

I am downloading the coinbin.zip file and running on my local drive for security reasons. I notice that there is a "sha1sum" file with checksums for the contents of the zip file. Is there anyway this can be signed with a gpg key so i can make sure the checksum file hasn't been tampered with by a hacker? Is there any other way to gpg verify the zip file in some way?

steveeq1 avatar Feb 26 '19 08:02 steveeq1

You could always compare the sha1sum file to the one on GitHub to make sure it hasn't been tampered with.

yottalogical avatar May 05 '19 17:05 yottalogical

yes! it would be great that the Github release page also contains GPG signatures. thanks :)

monperrus avatar Sep 21 '20 04:09 monperrus