Title: v4.0 Wasabi Backend, the old clients mandatory update. Post by: Captain-Cryptory on September 03, 2020, 07:36:31 PM .
Title: Re: v4.0 Wasabi Backend, the old clients mandatory update. Post by: arrowlove on September 05, 2020, 07:58:54 PM Hi,
Download .deb and Signature - wasabiwallet.io Get pgp key from this public page: https://docs.wasabiwallet.io/using-wasabi/InstallPackage.html#debian-and-ubuntu Verify that the fingerprint is 6FB3872B5D42292F59920797856348328949861E $ sudo gpg --keyserver pgp.mit.edu --recv-keys 6FB3872B5D42292F59920797856348328949861E That should confirm key belongs to gpg: key 856348328949861E: public key "zkSNACKs <zksnacks@gmail.com> $ sudo gpg --verify Wasabi-1.1.12.deb.SIGNATURE.asc Wasabi-1.1.12.deb Where the two input files are the Wasabi package downloaded and associate Signature.asc Generates the ouput: gpg: Signature made Wed 05 Aug 2020 05:00:01 PM HKT gpg: using RSA key 6FB3872B5D42292F59920797856348328949861E gpg: Good signature from "zkSNACKs <zksnacks@gmail.com>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 6FB3 872B 5D42 292F 5992 0797 8563 4832 8949 861E for clarification: gpg says figerprint is correct for wasabi deb but the fingerprint is not certified as trusted ? Is this what users should expect from gpg verification before install? https://imgur.com/a/oEOxTC0 Title: Re: v4.0 Wasabi Backend, the old clients mandatory update. Post by: bob123 on September 06, 2020, 10:38:03 AM Generates the ouput: gpg: Signature made Wed 05 Aug 2020 05:00:01 PM HKT gpg: using RSA key 6FB3872B5D42292F59920797856348328949861E gpg: Good signature from "zkSNACKs <zksnacks@gmail.com>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 6FB3 872B 5D42 292F 5992 0797 8563 4832 8949 861E for clarification: gpg says figerprint is correct for wasabi deb but the fingerprint is not certified as trusted ? Is this what users should expect from gpg verification before install? Yes, that's the expected output. The warning appears because you do not trust the key yourself yet. The important part is the bold line. When using the correct key, that's all you need to look for. Title: Re: v4.0 Wasabi Backend, the old clients mandatory update. Post by: arrowlove on September 07, 2020, 06:03:24 PM Thank you all for confirming what a new user should see upon install. Yes zkSNACKs pgp key was not added before pgp verification of download - thank you for pointing that out.
|