aboutsummaryrefslogtreecommitdiff
path: root/contrib
diff options
context:
space:
mode:
authorMarcoFalke <falke.marco@gmail.com>2016-08-21 21:58:29 +0200
committerMarcoFalke <falke.marco@gmail.com>2016-08-21 21:58:31 +0200
commitfaaed8874f83373e54a1878c5c7381ce47557bb8 (patch)
tree59026090d6fb83017d870fa5b76e1b41047c61a6 /contrib
parentfa917f662346868486cdffce92a1fbe34980a72b (diff)
downloadbitcoin-faaed8874f83373e54a1878c5c7381ce47557bb8.tar.xz
[contrib] verifybinaries: Mention mandatory preparation step
Diffstat (limited to 'contrib')
-rw-r--r--contrib/verifybinaries/README.md15
1 files changed, 14 insertions, 1 deletions
diff --git a/contrib/verifybinaries/README.md b/contrib/verifybinaries/README.md
index 516af8575f..ed3e14fb6c 100644
--- a/contrib/verifybinaries/README.md
+++ b/contrib/verifybinaries/README.md
@@ -1,11 +1,24 @@
### Verify Binaries
+
+#### Preparation:
+
+Make sure you obtain the proper release signing key and verify the fingerprint with several independent sources.
+
+```sh
+$ gpg --fingerprint "Bitcoin Core binary release signing key"
+pub 4096R/36C2E964 2015-06-24 [expires: 2017-02-13]
+ Key fingerprint = 01EA 5486 DE18 A882 D4C2 6845 90C8 019E 36C2 E964
+uid Wladimir J. van der Laan (Bitcoin Core binary release signing key) <laanwj@gmail.com>
+```
+
+#### Usage:
+
This script attempts to download the signature file `SHA256SUMS.asc` from https://bitcoin.org.
It first checks if the signature passes, and then downloads the files specified in the file, and checks if the hashes of these files match those that are specified in the signature file.
The script returns 0 if everything passes the checks. It returns 1 if either the signature check or the hash check doesn't pass. If an error occurs the return value is 2.
-Usage:
```sh
./verify.sh bitcoin-core-0.11.2
generated by cgit v1.2.3 (git 2.26.2) at 2024-07-08 02:10:06 +0000