Skip to content

v0.3.0

Compare
Choose a tag to compare
@KKA11010 KKA11010 released this 02 Mar 15:39
· 28 commits to main since this release
faea4d6

What's Changed

  • Added basic seed phrase backup
  • Official App Store release

APK Download Hash

68783d8fbfb041e1f5f4d8a50ab916908a6171e22306246f6c66c8b0f08492a3 enuts-v0.3.0.apk

A GPG-signed list of the hashes is available at /utils/verification and it should be treated as canonical, with the signature checked against the appropriate GPG key in /utils/gpg_keys/KKA11010.asc.

🔐 Verify APK

A verification process adds an extra layer of security to our releases. It's important to verify the integrity of software you download to ensure that the files are those originally posted by the maintainers. You should both check that the hashes of your files match those on the signed list, and that the signature on the list is valid.

Download APK and Verification Files:
In the same release section, locate and download the following verification files:

  • Download the APK file you want to verify.
  • chosen_app_version.apk.sig (Detached signature for the APK)
  • hash_list.txt (List of hash values for all releases)
  • gpg_key.asc (Our GPG public key)

Import the GPG Public Key:
Import our GPG public key using the following command:

gpg --import gpg_key.asc

Verify the Detached Signature:
Run the following command to verify the detached signature:

gpg --verify chosen_app_version.apk.sig chosen_app_version.apk

Verify the Hash Value:

  • Open the hash_list.txt file and locate the hash value associated with the downloaded APK file.
  • Calculate the hash value of your downloaded APK file using a hash tool, for example, sha256sum:
sha256sum chosen_app_version.apk
  • Compare the calculated hash value with the one in the hash_list.txt file.

If the verification process is successful, you can be confident that the release is authentic and hasn't been tampered with. If you encounter any issues or have questions, please contact us.

Full Changelog: v0.2.1-beta...v0.3.0