Skip to content

Unstable Development Builds

Pre-release
Pre-release
Compare
Choose a tag to compare
@github-actions github-actions released this 12 Dec 12:01
unstable
12c09d8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Crates Versions

Crate Version
mithril-aggregator 0.6.3
mithril-client 0.10.4
mithril-client-cli 0.10.5
mithril-client-wasm 0.7.2
mithril-common 0.4.96
mithril-signer 0.2.221
mithril-stm 0.3.34

Networks Compatibility ⚠️

Network Compatible
release-mainnet
release-preprod
pre-release-preview
testing-preview
testing-sanchonet

Linux Requirements

The Linux binaries target glibc: to run them or install the .deb packages you must have glibc version 2.31+ installed.
Compatible systems include, but are not limited to, Ubuntu 20.04+ or Debian 11+ (Bullseye)).

Fetch the latest version of the unstable tag

The unstable tag is updated with a new commit id when a new unstable release is published.
To fetch the latest version of the unstable tag, execute the command:
git tag -d unstable && git fetch origin tag unstable

Verify the authenticity of a downloaded asset

Detailed procedure to verify an asset

  • Step 1: Identify the downloaded asset on your computer YOUR_ASSET_FILE
  • Step 2: Download the signed checksum file from this link CHECKSUM.asc and save it in the same folder as the asset
  • Step 3: In your terminal, go to the asset folder by running:
cd ***YOUR_ASSET_FOLDER***
  • Step 4: Then verify the checksum of the asset by running:
sha256sum -c ./CHECKSUM.asc 2>/dev/null | grep ***YOUR_ASSET_FILE***

You must see:

./***YOUR_ASSET_FILE***: OK
  • Step 5: Download the public key file from this link public-key.gpg and save it in the same folder as the asset
  • Step 6: Then import the GPG public key:
gpg --import ./public-key.gpg

You must see something like:

gpg: key : public key "Input Output / Mithril <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
  • Step 7: Then verify the GPG signature of the checksum file:
gpg --verify ./CHECKSUM.asc

You must see something like:

gpg: Signature made Mon 05 Dec 2022 04:53:54 PM CET
gpg:                using RSA key 35EDE9D47BBA62A2F388E655899ACD26B8BCA0D2
gpg: Good signature from "Input Output / Mithril <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 35ED E9D4 7BBA 62A2 F388  E655 899A CD26 B8BC A0D2

The signature is valid if and only if:

  • there is a line with gpg: Good signature from "Input Output / Mithril <[email protected]>"
  • there is a line with Primary key fingerprint: 73FC 4C3D FD55 DBDC 428A D2B5 BE04 3B79 FDA4 C2EE
  • Step 8:
    If you successfully validated all the steps of this process, then you have successfully verified the authenticity of the asset ✔️
    If not, contact us at [[email protected]] and let us know of the outcome of your run of this process ⚠️

What's Changed

  • feat(ci): include explorer in packaged releases by @Alenar in #2167
  • Fix: recompute certificate chain hash by @jpraynaud in #2168
  • Refactor: rework snapshot_uploaders module to improve genericity by @dlachaume in #2165
  • Fix explorer packaging in releases by @Alenar in #2170
  • Docs: enhance recompute certificates hash runbook by @jpraynaud in #2171

Full Changelog: 2450.0-pre...unstable

Contributors

Alenar, jpraynaud, and dlachaume
Assets 13
Loading