chappjc
commented
2 years ago Obsoleted by https://github.com/decred/decred-release/pull/228
Closed jrick closed 2 years ago
chappjc
commented
2 years ago Obsoleted by https://github.com/decred/decred-release/pull/228
jrick
commented
2 years ago indeed
The embedded Bitcoin Core pubkey also contained signatures by many other individuals, to provide a chain of trust. However, for our purposes, these sigs are not necessary, as we have not verified any of these identities. Instead, we only rely on the singular release signing key, exported from a GPG keyring using the command:
$ gpg --armor --export 01EA5486DE18A882D4C2684590C8019E36C2E964
Some of these signatures used signing schemes not understood by the openpgp package, which caused errors when attempting to use the pubkey block to verify Bitcoin Core releases. With these signatures now removed, the commented out error for failed signature validation can be added back.