QRL Offline Wallet Verify

Verification of the downloaded QRL wallet installation files are the next steps toward full security. This process allows you to be confident that the files you have downloaded have not been tampered with and are safe to trust for address creation.

Verify Offline Wallet Files

Follow the steps below to verify the Offline QRL wallet files.

Get QRL's Public PGP Key

Obtain security@theqrl.org public PGP key from PGP key servers or Github

pgp import security.theqrl.org.gpg.asc

Verify the Offline Wallet PGP signed shasum file

Download the PGP signed shasum file for the release from the QRL security repo
Check the PGP signature of the shasum hashes file:

gpg --verify shasum.256.pgp.asc

This should display gpg: Good signature from "Security team security@theqrl.org"

Verify the Offline Wallet Files

From downloaded qrl-offline-wallet.zip, check the shasum of the index of shasums:

shasum shasum.256.asc

This should match the shasum shown in the PGP signed message verified above

Finally, check the shasum of the offline-wallet files:

shasum --check shasum.256.pgp.asc

All files should be OK

Verify Offline Wallet Files​

Get QRL's Public PGP Key​

Verify the Offline Wallet PGP signed shasum file​

Verify the Offline Wallet Files​

Verify Offline Wallet Files

Get QRL's Public PGP Key

Verify the Offline Wallet PGP signed shasum file

Verify the Offline Wallet Files