Bitcoin Forum
March 19, 2024, 09:06:41 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Electrum verification question/issue?  (Read 94 times)
bedlaminbelgium (OP)
Newbie
*
Offline Offline

Activity: 4
Merit: 5


View Profile
March 26, 2022, 10:57:35 AM
Merited by o_e_l_e_o (4), Husna QA (1)
 #1

  Ok...So I downloaded electrum thru https://electrum.org/#home

  I also download the keys from github keys for thomasV as per the following thread https://bitcointalk.org/index.php?topic=5240594.0

  Also downloaded other keys assosciated on github with electrum. https://github.com/spesmilo/electrum/tree/master/pubkeys

  I ran Kleopatra and I get the following..see image below. Is this good enough? I am seeing something say 3 signatures cannot be verified

https://i.imgur.com/rA3jcYV.jpg

  

  
"With e-currency based on cryptographic proof, without the need to trust a third party middleman, money can be secure and transactions effortless." -- Satoshi
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1710839201
Hero Member
*
Offline Offline

Posts: 1710839201

View Profile Personal Message (Offline)

Ignore
1710839201
Reply with quote  #2

1710839201
Report to moderator
nc50lc
Legendary
*
Offline Offline

Activity: 2352
Merit: 5379


Self-proclaimed Genius


View Profile
March 26, 2022, 12:00:04 PM
 #2

It's successfully verified; However, you haven't certified neither of the three keys.

To certify the keys: Open Kleopatra, right-click on Thomas Voegtlin's key, select "certify", tick all three checkboxes and the one below "I have verified the fingerprint".
Then click next and finish the rest of the steps. Do this to the other two keys.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
bedlaminbelgium (OP)
Newbie
*
Offline Offline

Activity: 4
Merit: 5


View Profile
March 26, 2022, 01:01:42 PM
 #3

It's successfully verified; However, you haven't certified neither of the three keys.

To certify the keys: Open Kleopatra, right-click on Thomas Voegtlin's key, select "certify", tick all three checkboxes and the one below "I have verified the fingerprint".
Then click next and finish the rest of the steps. Do this to the other two keys.


 Thats it?  Awesone!  What exaclty happens when I certifiy? It is confirming these keys are legit?  Thankyou!
hosseinimr93
Legendary
*
Online Online

Activity: 2338
Merit: 5098



View Profile
March 26, 2022, 01:43:18 PM
 #4

Thats it?  Awesone!  What exaclty happens when I certifiy? It is confirming these keys are legit?  Thankyou!
Electrum is an open-source wallet and the source code is available to anyone.
Scammers can easily change the source code and make a fake version which looks like the original version.
With verifying the signature, you actually verify that you have downloaded the original version of eletrum.
Note that even if you are sure that you have downloaded electrum from its official website, you still need to verify the signature. Because, there is no guarantee that the website hasn't been hacked

.
.BLACKJACK ♠ FUN.
█████████
██████████████
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
████████████████
░██████████████
████████████
███████████████░██
██████████
CRYPTO CASINO &
SPORTS BETTING
▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
█████████
.
BlackHatCoiner
Legendary
*
Offline Offline

Activity: 1456
Merit: 7025


Farewell, Leo


View Profile
March 26, 2022, 01:56:07 PM
Merited by nc50lc (1)
 #5

Thats it?  Awesone!  What exaclty happens when I certifiy? It is confirming these keys are legit?  Thankyou!
When you certify a key you essentially inform the program that you trust the signer. This isn't necessary, but it can be used in the future if you want to re-verify the new Electrum versions.

Unfortunately, someone who just wants to verify the authenticity of their wallet software must be familiar with things they don't even understand. That's a drawback of Kleopatra.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
bedlaminbelgium (OP)
Newbie
*
Offline Offline

Activity: 4
Merit: 5


View Profile
March 26, 2022, 02:10:12 PM
 #6

Thats it?  Awesone!  What exaclty happens when I certifiy? It is confirming these keys are legit?  Thankyou!
When you certify a key you essentially inform the program that you trust the signer. This isn't necessary, but it can be used in the future if you want to re-verify the new Electrum versions.

Unfortunately, someone who just wants to verify the authenticity of their wallet software must be familiar with things they don't even understand. That's a drawback of Kleopatra.

   That is true and thankyou. Is there any other way besides Kleopatra? An easier way to verify?

  I mean if I download the software thru the electrum website, shouldnt that be enough or is there a chance it couldve been compromised?
BlackHatCoiner
Legendary
*
Offline Offline

Activity: 1456
Merit: 7025


Farewell, Leo


View Profile
March 26, 2022, 02:16:52 PM
 #7

I mean if I download the software thru the electrum website, shouldnt that be enough or is there a chance it couldve been compromised?
The reason why you're verifying the signature has been written above, by hosseinimr93.

A hacker can have compromised the website for a while and insert their own, malicious version of Electrum, right before you visit it. The developers can't guarantee you that the site won't be compromised, but by providing a PGP signature, they guarantee that whoever verifies the binaries won't be victimized. A hacker would need to compromise both electrum.org and github.com at the same time to succeed.

That is true and thankyou. Is there any other way besides Kleopatra? An easier way to verify?
You don't want to mess with the command line, so just stick with Kleopatra. Besides, you now know how to do it.

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
bedlaminbelgium (OP)
Newbie
*
Offline Offline

Activity: 4
Merit: 5


View Profile
March 26, 2022, 02:20:11 PM
 #8

I mean if I download the software thru the electrum website, shouldnt that be enough or is there a chance it couldve been compromised?
The reason why you're verifying the signature has been written above, by hosseinimr93.

A hacker can have compromised the website for a while and insert their own, malicious version of Electrum, right before you visit it. The developers can't guarantee you that the site won't be compromised, but by providing a PGP signature, they guarantee that whoever verifies the binaries won't be victimized. A hacker would need to compromise both electrum.org and github.com at the same time to succeed.

That is true and thankyou. Is there any other way besides Kleopatra? An easier way to verify?
You don't want to mess with the command line, so just stick with Kleopatra. Besides, you now know how to do it.


   Yeah...I didnt see hosseinimr93 response. So true.

    Not sure what command line you are referring to? I was asking if there was another program like Kleopatra but easier


     Regardless, your right. I now know...thanks all for the help. Stay Hodling!  Wink
khaled0111
Legendary
*
Offline Offline

Activity: 2464
Merit: 2791


Top Crypto Casino


View Profile WWW
March 26, 2022, 02:37:52 PM
 #9

Not sure what command line you are referring to? I was asking if there was another program like Kleopatra but easier
Kleopatra can be used either from the graphical user interface or from the command line interface. Using the command line is a bit harder and require more experience so better use the GUI.
To answer your second question, yes there are many other PGP software but Kleopatra is, imo, the easiest to use thanks to its user-friendly graphical interface.

█████████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████
█████████████████████████
.
BC.GAME
▄▄░░░▄▀▀▄████████
▄▄▄
██████████████
█████░░▄▄▄▄████████
▄▄▄▄▄▄▄▄▄██▄██████▄▄▄▄████
▄███▄█▄▄██████████▄████▄████
███████████████████████████▀███
▀████▄██▄██▄░░░░▄████████████
▀▀▀█████▄▄▄███████████▀██
███████████████████▀██
███████████████████▄██
▄███████████████████▄██
█████████████████████▀██
██████████████████████▄
.
..CASINO....SPORTS....RACING..
█░░░░░░█░░░░░░█
▀███▀░░▀███▀░░▀███▀
▀░▀░░░░▀░▀░░░░▀░▀
░░░░░░░░░░░░
▀██████████
░░░░░███░░░░
░░█░░░███▄█░░░
░░██▌░░███░▀░░██▌
░█░██░░███░░░█░██
░█▀▀▀█▌░███░░█▀▀▀█▌
▄█▄░░░██▄███▄█▄░░▄██▄
▄███▄
░░░░▀██▄▀


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
nc50lc
Legendary
*
Offline Offline

Activity: 2352
Merit: 5379


Self-proclaimed Genius


View Profile
March 26, 2022, 03:09:21 PM
 #10

It's successfully verified; However, you haven't certified neither of the three keys.
Thats it?  Awesone!  What exaclty happens when I certifiy? It is confirming these keys are legit?  Thankyou!
Aside from Blackhatcoiner's reply, it's also useful in case you imported a fake key and successfully verified a fake electrum with a signature of it.
If you've certified only the real keys, the real Electrum will show that it has "valid signatures" instead of what you've seen "the data could not be verified".

I haven't mentioned but, before certifying a certificate, it's very important to look for some legitimate source where you can verify the fingerprint.
For example: ThomasV's certificate that I've imported has a fingerprint 6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6 which is
the same as the one in the official documentary: https://electrum.readthedocs.io/en/latest/gpg-check.html and from various users' replies.
But better if you can verify it from the person himself: https://github.com/ecdsa

..JAMBLER.io..Create Your Bitcoin Mixing
Business Now for   F R E E 
▄█████████████████████████████
█████████████████████████
████▀████████████████████
███▀█████▄█▀███▀▀▀██████
██▀█████▄█▄██████████████
██▄▄████▀▄▄▄▀▀▀▀▀▄▄██████
█████▄▄▄██████████▀▄████
█████▀▄█▄██████▀█▄█████
███████▀▄█▀█▄██▀█▄███████
█████████▄█▀▄█▀▄█████████
█████████████████████████
█████████████████████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
      OUR      
PARTNERS

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
▄█████████████████████████████
████████▀▀█████▀▀████████
█████▀█████████████▀█████
████████████████████████
███████████████▄█████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████▀█████████
████████████████████████
█████▄█████████████▄█████
████████▄▄█████▄▄████████
▀█████████████████████████████
█████████████████████████████████████████████████
.
   INVEST   
BITCOIN

.
█████████████████████████████████████████████████
████▄
██
██
██
██
██
██
██
██
██
██
██
████▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!