Questions tagged [gpg]

When someone downloads the Monero source tree from github, there is a possible risk that this is not what the developers created. This could be MITM attacks, whether between developers and github or between github and the downloader. It could be…

I'm fairly new to git and it seems surprisingly easy to rewrite past commits. I'm aware of the signed commits, and if I understand it correctly, it prevents against unauthorized/untrusted write access, including a compromission of the github…

What steps are taken to verify the binaries via the new GUI auto update feature? How does it compare to downloading the them and manually verifying the hash as GPG key as was required for previous versions?

I'm working in Windows and trying to verify the hash and binary of the Monero GUI wallet. I followed the directions here: https://www.getmonero.org/resources/user-guides/verification-windows-beginner.html#2-monero-signing-key I got stuck at…