Gemlock-dns is the first part of our gemlock security suite, and is the result of an outstanding partnership with altcoin.center.
Gemlock is a decisive tools in our security roadmap, soon, Opal user will check, directly inside his wallet if this one is the good one (
the last and certified one) and if it is not corrupted !
How it works ?
by comparing the SHA1 checksums of your Opal wallet and the official Opal wallet.
Does it work ?
yes, but it is not yet automated.
Let's get checking our last wallet, (here is the tuto):
For WINDOWS users:1. Go to C: create a new folder and name it FCIV
2. Download the File Checksum Integrity verifier :
http://download.microsoft.com/download/c/f/4/cf454ae0-a4bb-4123-8333-a1b6737712f7/Windows-KB841290-x86-ENU.exe 3. In the file download box, click Save and save the file in the FCIV folder
4. Go to your FCIV folder and double-click on Windows-KB841290-x86-ENU.exe then click ok
5. Click ok to extract the file (if asked, extract the file in the FCIV folder)
6. Click start, on the search field type
Press enter, then click cmd.exe
7. On this black command prompt, type
Press Enter
8. Download your favorite wallet on
www.opal-coin.com at the Download Wallets
9. Type (and replace the .zip file with the wallet you downloaded, as there are 3 different wallets).
fciv.exe -sha1 c:\the full path\where you downloaded\Opalcoin-Qt-exchange.zip
the SHA1 checksum is the 40 numbers and letters, after
File Checksum Integrity Verifier version 2.05,example:
4c56186623bbaa7c2fea980b042270beafd3b53f c:\the full path\where you downloaded\Opalcoin-Qt-exchange.zip
10. Now, type:
And press Enter
it will displays your DNS sometime we encounter surprise here so you can check if they are yours, or if you have a box: if they are those of your ISP, type "Your ISP name DNS" in google to know them, and... anyway we need to type it 
10. Type:
Press Enter
11. Type:
Press Enter
This order displays the genuine Opalcoin SHA1 checksums (the 40 numbers and letters).
12. Compare this guenuine SHA1 with the
checksum fciv.exe gave you: they MUST be the same.
(beware to check the SHA1 of the good wallet as there are three Opalcoin client, to check it, just look at the name of your Opalcoin-Qt-Folder. Now in the command prompt look at the one which match with your Opalcoin-Qt) If the SHA1s are not the same: Close your wallet, save the
wallet.dat in a easy retrievable folder (
but not into your Opalcoin-Qt folder
and not into C:\Users\YourUserName\Appdata\Roaming\Opalcoin), go to C:\Users\YourUserName\Appdata\Roaming\ and delete the folder Opalcoin, go to your Opalcoin-Qt folder you use to launch your wallet, delete the Opalcoin-Qt folder.
Type:
Press Enter to quit the nslookup utility.
Go to
www.opal-coin.com and click wallet download, choose the walllet you need.
Now it is simple and cool, if you want to test again your last download from this simili-trusted pseudo-true opal-coin.com (maybe you were not on the right official website
)
Type (and replace the .zip file with the wallet you downloaded, as there are 3 different wallets)
fciv.exe -sha1 c:\the full path\where you downloaded\Opalcoin-Qt-exchange.zip
Enter, check.
If the SHA1s are the same: Well done you have a certified official Opal wallet !
You can now run it, let it sync, (1 to several hours, depends on your bandwidth) and close it.
Go to C:\Users\YourUserName\Appdata\Roaming\Opalcoin
and put your saved
wallet.dat into the folder. now start again your wallet: and stake cool !
____________________
For LINUX users:1. Start a shell / terminal, i.e. a text based command line utility
2. Go to the directory to which you downloaded the wallet software by typing the following command to the terminal, followed by enter, replacing “ /path/to/download folder ” by the actual location of the folder where you downloaded the wallet software. cd “ /path/to/download folder ”.
3. Type the following command to the terminal window, followed by enter, replacing “ Opal-Qt-opaque.zip ” with the name of the file you downloaded: sha1sum Opal-Qt-opaque.zip The sha1sum command outputs a line similar to this:
3a099ff6e8831885b00431bee693ea40b3ff9e39 Opal-Qt-opaque.zip Take note of the random-looking 40 character string. It is the SHA1 checksum of the file you have downloaded. Now compare it to the checksum provided by the DNS system at step 7.
4. Start the DNS lookup utility by typing the below command, followed by enter: nslookup
5. At the nslookup utility prompt (>), type the below command, followed by enter: set querytype=TXT
6. Make a DNS query by typing the address provided by the wallet developers to the nslookup utility prompt, followed by enter: checksums.opal-coin.com You can also use DNS checksum service provided by a trusted third party, such as Altcoin.Center: opal.signatures.altcoin.center Take note of the 40 character SHA1 checksums returned by the above command: checksums.opal-coin.com text = "Opal-Qt-opaque.zip 3a099ff6e8831885b00431bee693ea40b3ff9e39"
7. Compare the SHA1 checksum created at step 3 to the one provided for the same file by the DNS service at step 6. If the 40 characters checksums are identical, it means the wallet software file you downloaded is genuine. If the checksums are different, make sure the version of the wallet software you have downloaded is the latest one, and repeat all of the above steps. If the checksums provided by the DNS remain different after couple of hours have passed, please contact the Opal developers for advice
____________________
APPLE users, we cant forget you, i am just a little bit completly rusty with Apple file managment and prompts, so it takes me times... Camargh !
1. Open a Terminal (located in: /Applications/Utilities).
2. InsideTerminal prompt, type:
openssl sha1 /Your_full/path_to_file/Opaque-Final-Mac.zip
Press Enter
It dipslays the SHA1 checksum you will have to compare: 40 numbers and letters, here in red:
SHA1(/Your_full/path_to_file/Opaque-Final-Mac.zip) =
3eb807b340d4e57aa79bb5422b94d556888bba60with the SHA1 checksum of the official and certified opal wallets in the nslookup utility:
3.Type
Press Enter
4. After (>) type
Press Enter
5. Type:
Press Enter
6. Compare the SHA1 checksum returned (still 40 numbers and letters), here in red with your wallet checksum, above:
something like: checksums.opal-coin.com text = "Opaque-Final-Mac.zip
3eb807b340d4e57aa79bb5422b94d556888bba60"
7.Type:
Press Enter to quit the nslookup utility.
If SHA1 checksums are the same, it means the wallet software file you downloaded is genuine. If the checksums are different, close your wallet, save the wallet.dat in another well known folder. then uninstall your Opalcoin-QT and download the latest version at
www.opal-coin.comObviously, you can now quickly check your brand new latest download:
in the terminal type:
openssl sha1 /Your_full/path_to_file/Opaque-Final-Mac.zip
Press Enter and compare with the Opaque-Final-Mac.zip checksum of your last nslookup. if it is still different, call a developper on IRC.
If the SHA1s are the same: Well done you have a certified official Opal wallet !
The next step into security is to automate these processes, stay tuned
...
(P.S: thanks to Jyri from altcoin.center for the linux tutorial)
(P.S #2: the checksums written here are not real, these are just example)
Poll
