Our binary releases come with a SHA256SUM.asc file. The file contains a digital signature of the binary files hashes from Blockstream. Using the PGP software you should verify that the downloaded packages have been correctly signed by us.
Our PGP fingerprint is:
04BE BF2E 35A2 AF2F FDF1 FA5D E7F0 54AA 2E76 E792
Import the public key:
gpg --recv-key "04BE BF2E 35A2 AF2F FDF1 FA5D E7F0 54AA 2E76 E792"
Verify the signed hashes of the downloaded binaries:
gpg --verify SHA256SUMS.asc
Check out the latest releases: