Releases: vertcoin-project/electrum
Electrum-VTC 4.2.2
Changes in this release
- verthash.dat is now created by Electrum-VTC
- Vertcoin-Core and Vertcoin-OCM data directories are checked for existing verthash.dat in lieu of creation
- Security updates and bug fixes from upstream, see release notes
SHA256SUMS is signed with my PGP key
Electrum-VTC v4.2.1
Changes in this release
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://raw.githubusercontent.com/vertcoin-project/electrum/master/pubkeys/vertion.asc | gpg --import
Once you have the required PGP key, you can verify the release (assuming manifest-v4.2.0.txt.sig and manifest-v4.2.0.txt are in the current directory) with:
gpg --verify manifest-v4.2.1.txt.sig manifest-v4.2.1.txt
You should see the following if the verification was successful:
gpg: Signature made Mon 28 Mar 2022 02:05:26 PM CDT
gpg: using RSA key 28E72909F1717FE9607754F8A7BEB2621678D37D
gpg: Good signature from "vertion <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
Verifying the Release Binaries
Our Windows and AppImage builds are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager. See our reproducible builds guide for how this can be achieved on Windows or Linux.
Finally, you can also verify the tag itself with the following command:
git verify-tag v4.2.1
gpg: Signature made Mon 28 Mar 2022 12:38:58 PM CDT
gpg: using RSA key 28E72909F1717FE9607754F8A7BEB2621678D37D
gpg: Good signature from "vertion <[email protected]>" [ultimate]
Electrum-VTC v4.2.0
Changes in this release
- macOS build - codesigned and notarized using the Vertcoin Project's codesigning certificate
- Release Notes
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://raw.githubusercontent.com/vertcoin-project/electrum/master/pubkeys/vertion.asc | gpg --import
Once you have the required PGP key, you can verify the release (assuming manifest-v4.2.0.txt.sig and manifest-v4.2.0.txt are in the current directory) with:
gpg --verify manifest-v4.2.0.txt.sig manifest-v4.2.0.txt
You should see the following if the verification was successful:
gpg: Signature made Thu 17 Mar 2022 05:49:20 PM CDT
gpg: using RSA key 28E72909F1717FE9607754F8A7BEB2621678D37D
gpg: Good signature from "vertion <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
Verifying the Release Binaries
Our Windows and AppImage builds are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager. See our reproducible builds guide for how this can be achieved on Windows or Linux.
Finally, you can also verify the tag itself with the following command:
git verify-tag v4.2.0
gpg: Signature made Thu 17 Mar 2022 05:16:28 PM CDT
gpg: using RSA key 28E72909F1717FE9607754F8A7BEB2621678D37D
gpg: Good signature from "vertion <[email protected]>" [ultimate]
Electrum-VTC v4.1.5
This is the first release of Electrum-VTC updated for Verthash!
Special thanks to previous contributors @pknight007 @metalicjames
Verifying the Release
In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:
curl https://raw.githubusercontent.com/vertcoin-project/electrum/master/pubkeys/vertion.asc | gpg --import
Once you have the required PGP key, you can verify the release (assuming manifest-v4.1.5.txt.sig and manifest-v4.1.5.txt are in the current directory) with:
gpg --verify manifest-v4.1.5.txt.sig manifest-v4.1.5.txt
You should see the following if the verification was successful:
gpg: Signature made Mon 07 Feb 2022 04:50:50 PM CST
gpg: using RSA key 28E72909F1717FE9607754F8A7BEB2621678D37D
gpg: Good signature from "vertion <[email protected]>" [ultimate]
That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.
Verifying the Release Binaries
Our Windows and AppImage builds are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager. See our reproducible builds guide for how this can be achieved on Windows or Linux.
Finally, you can also verify the tag itself with the following command:
git verify-tag v4.1.5
gpg: Signature made Mon 07 Feb 2022 04:25:01 PM CST
gpg: using RSA key 28E72909F1717FE9607754F8A7BEB2621678D37D
gpg: Good signature from "vertion <[email protected]>" [ultimate]
