Author

Topic: Current Bitcoin Core? (Read 232 times)

legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
November 05, 2022, 09:20:01 AM
#9
I'm new to this platform. -snip-
When it came to withdrawing my money after investing, they asked me to encrypt my VALR.com  Bitcoin wallet and that I must use their encryption software and a cost of $1209.12.
Anything that asks you to spend money before you can withdraw is a red flag.
And it looks like they are trying to double-scam you with that so-called "encryption software".

BTW, it's better if you can post a new thread since it's off-topic to this thread.
Since it's not a "scam accusation" topic, you can try to post in Beginners and Help board or Service Discussion: go to your selected board then click "new topic" (right side) to create a new thread.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
October 13, 2022, 02:00:40 AM
#8
~
If you're more worried about signatures and hashes of the new binaries than about the actual content of the last updates / code changes, you could always compile yourself!
On GitHub, you can find the Windows Build Notes.

Well yeah, something I like about the Windows build process is that it doesn't require Visual Studio which is a gigantic package to download and install in the first place, not to mention the system requirements for running it and compiling stuff... good ol' MinGW ./configure && make && make install.
hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
October 12, 2022, 06:22:47 PM
#7
~
If you're more worried about signatures and hashes of the new binaries than about the actual content of the last updates / code changes, you could always compile yourself!
On GitHub, you can find the Windows Build Notes.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
October 12, 2022, 12:53:41 PM
#6
Lastly, with respect to verifying files, I don't know which keys that I should trust for importing the signatures for this version or how exactly I would be able to identify trustworthy signatures.  

Here's the list that my system didn't identify as unavailable signatures

~

Every Bitcoin Core maintainer has a signing key. Generally, maintainers are highly better before they are given the maintainership responsibility, meaning you should be able to trust all of them (or at least most of them), so while you don't have to have all those keys imported into your PGP software, it's good to have multiple (arbitrary, if you want) keys imported just in case someone's Github account gets compromised for whatever reason.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
October 12, 2022, 12:22:59 PM
#5
[...]
Let me see.

I do confirm that bitcoin-23.0-win64-setup.exe does have an SHA256 equivalent of "4198eba8ac326d8746ab43364a44a5f20c157b6701f8c35b80d639a676df9011".
I do confirm that I've imported achow101's public key (0x152812300785C96444D3334D17565732E08E5E41) which is one of which you can't verify the signatures with.
I do confirm that SHA256SUMS is signed by achow101:
Code:
~/Downloads$ gpg --verify SHA256SUMS.asc
gpg: assuming signed data in 'SHA256SUMS'
gpg: Signature made Fri 22 Apr 2022 07:03:04 PM EEST
gpg:                using RSA key 152812300785C96444D3334D17565732E08E5E41
gpg:                issuer "[email protected]"
gpg: Good signature from "Andrew Chow (Official New Key) " [unknown]
gpg:                 aka "Andrew Chow " [unknown]
gpg:                 aka "Andrew Chow " [unknown]
gpg:                 aka "Andrew Chow " [unknown]
gpg:                 aka "Andrew Chow " [unknown]
gpg:                 aka "Andrew Chow " [unknown]
gpg:                 aka "Andrew Chow " [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 1528 1230 0785 C964 44D3  334D 1756 5732 E08E 5E41
gpg: Signature made Fri 22 Apr 2022 07:17:06 PM EEST
gpg:                using RSA key 0AD83877C1F0CD1EE9BD660AD7CC770B81FD22A8
gpg:                issuer "[email protected]"
gpg: Can't check signature: No public key
gpg: Signature made Fri 22 Apr 2022 02:54:30 PM EEST
gpg:                using RSA key 590B7292695AFFA5B672CBB2E13FC145CD3F4304
gpg:                issuer "[email protected]"
gpg: Can't check signature: No public key
gpg: Signature made Fri 22 Apr 2022 11:25:24 AM EEST
gpg:                using RSA key 28F5900B1BB5D1A4B6B6D1A9ED357015286A333D
gpg: Can't check signature: No public key
gpg: Signature made Fri 22 Apr 2022 09:39:41 PM EEST
gpg:                using RSA key 637DB1E23370F84AFF88CCE03152347D07DA627C
gpg: Can't check signature: No public key
gpg: Signature made Fri 22 Apr 2022 11:22:55 AM EEST
gpg:                using RSA key CFB16E21C950F67FA95E558F2EEB9F5CC09526C1
gpg:                issuer "[email protected]"
gpg: Can't check signature: No public key
gpg: Signature made Fri 22 Apr 2022 11:36:47 AM EEST
gpg:                using RSA key F4FC70F07310028424EFC20A8E4256593F177720
gpg:                issuer "[email protected]"
gpg: Can't check signature: No public key
gpg: Signature made Fri 22 Apr 2022 11:22:08 AM EEST
gpg:                using RSA key D1DBF2C4B96F2DEBF4C16654410108112E7EA81F
gpg:                issuer "[email protected]"
gpg: Can't check signature: No public key
gpg: Signature made Sat 23 Apr 2022 11:39:06 AM EEST
gpg:                using RSA key 287AE4CA1187C68C08B49CB2D11BD4F33F1DB499
gpg: Can't check signature: No public key
gpg: Signature made Sun 24 Apr 2022 11:31:28 AM EEST
gpg:                using RSA key F9A8737BF4FF5C89C903DF31DD78544CF91B1514
gpg: Can't check signature: No public key
gpg: Signature made Sat 23 Apr 2022 03:39:56 PM EEST
gpg:                using ECDSA key C388F6961FB972A95678E327F62711DBDCA8AE56
gpg:                issuer "[email protected]"
gpg: Can't check signature: No public key
gpg: Signature made Fri 22 Apr 2022 07:18:09 PM EEST
gpg:                using RSA key 9DEAE0DC7063249FB05474681E4AED62986CD25D
gpg: Can't check signature: No public key
gpg: Signature made Sat 23 Apr 2022 07:43:29 AM EEST
gpg:                using RSA key E463A93F5F3117EEDE6C7316BD02942421F4889F
gpg: Can't check signature: No public key
gpg: Signature made Fri 22 Apr 2022 11:56:54 AM EEST
gpg:                using RSA key 9D3CC86A72F8494342EA5FD10A41BDC3F4FAFF1C
gpg:                issuer "[email protected]"
gpg: Can't check signature: No public key
gpg: Signature made Fri 22 Apr 2022 03:32:27 PM EEST
gpg:                using RSA key 4DAF18FE948E7A965B30F9457E296D555E7F63A7
gpg: Can't check signature: No public key
gpg: Signature made Sat 23 Apr 2022 08:21:37 PM EEST
gpg:                using RSA key 28E72909F1717FE9607754F8A7BEB2621678D37D
gpg:                issuer "[email protected]"
gpg: Can't check signature: No public key
gpg: Signature made Fri 22 Apr 2022 11:50:58 AM EEST
gpg:                using RSA key 74E2DEF5D77260B98BC19438099BAD163C70FBFA
gpg:                issuer "[email protected]"
gpg: Can't check signature: No public key

(I haven't imported any other public key, that's why it can't check the rest of the signatures)
member
Activity: 104
Merit: 120
October 12, 2022, 10:33:59 AM
#4
Thanks.  While I did check the SHA256 hash of the Window's installer that I downloaded from here: https://bitcoincore.org/en/download/ and range a hash for the exe which turned back this digest:  4198eba8ac326d8746ab43364a44a5f20c157b6701f8c35b80d639a676df9011 that matched the SHASUMS file, I also note that someone else did the same as per this site and was having installation issues.  It's these kinds of issues that give me pause for upgrading.

Here's the issues that some operating in France experienced for reference: https://github.com/bitcoin/bitcoin/issues/25726

Lastly, with respect to verifying files, I don't know which keys that I should trust for importing the signatures for this version or how exactly I would be able to identify trustworthy signatures. 

Here's the list that my system didn't identify as unavailable signatures

0x152812300785C96444D3334D17565732E08E5E41
0x0AD83877C1F0CD1EE9BD660AD7CC770B81FD22A8
0x590B7292695AFFA5B672CBB2E13FC145CD3F4304
0x28F5900B1BB5D1A4B6B6D1A9ED357015286A333D
0x637DB1E23370F84AFF88CCE03152347D07DA627C
0xCFB16E21C950F67FA95E558F2EEB9F5CC09526C1
0xF4FC70F07310028424EFC20A8E4256593F177720
0xD1DBF2C4B96F2DEBF4C16654410108112E7EA81F
0x287AE4CA1187C68C08B49CB2D11BD4F33F1DB499
0xF9A8737BF4FF5C89C903DF31DD78544CF91B1514
0xC388F6961FB972A95678E327F62711DBDCA8AE56
0x9DEAE0DC7063249FB05474681E4AED62986CD25D
0xE463A93F5F3117EEDE6C7316BD02942421F4889F
0x9D3CC86A72F8494342EA5FD10A41BDC3F4FAFF1C
0x4DAF18FE948E7A965B30F9457E296D555E7F63A7
0x28E72909F1717FE9607754F8A7BEB2621678D37D
0x74E2DEF5D77260B98BC19438099BAD163C70FBFA

Thanks.
legendary
Activity: 1932
Merit: 1273
October 12, 2022, 10:07:42 AM
#3
- The first red flag issue I had when the download package the Windows signing key for one of their releases (sometime after v 20.1).

Just verify the file signature manually then you are good to go.

There is a tutorial on Windows regarding how to do it, see it at https://bitcoincore.org/en/download/ and there will be "Windows verification instructions".

- The current issue is there is an obvious discrepancy between what bitcoin dot org and bitcoincore dot org list as the current version (the former states v 23 and the later v 24).

You should use bitcoincore.org.

I've just noticed that while bitcoincore.org advertises version 23.0, the bitcoin.org only has the old 22.0
Is there any problem there I've been missing? I'm asking because I've been usually sending people to bitcoin.org and not bitcoincore.org
Bitcoincore.org is Bitcoin Core's official website. As part of separating Bitcoin Core from Bitcoin.org (presumably as part of efforts to distinguish between Bitcoin Core the software and Bitcoin the cryptocurrency), the maintainers no longer post Bitcoin Core releases to Bitcoin.org. However the maintainers of Bitcoin.org can choose to mirror the binaries on their website and do so as they wish. You should direct people to bitcoincore.org as it is the project's actual website.
member
Activity: 104
Merit: 120
October 12, 2022, 09:46:20 AM
#2
My apologies. The current version for bitcoin core on bitcoin dot or is v22 and v23 from bitcoin core dot org.  Thanks.
member
Activity: 104
Merit: 120
October 12, 2022, 09:43:55 AM
#1
Hi everyone,  I wanted to try and vet some concerns I've had over the past few years regarding updating my Bitcoin core nodes.  It's my hope that the community here can help pet them to rest but if not I can always stick to my v.20x nodes. 

As you know there is no one single piece of software that makes bitcoin bitcoin, but if you look at it in terms of dominant influence over the ecosystem, you would have to say it would be the bitcoin core node.  That being said, here are two big flags I've seen recently that have me hesitant on upgrading from an older version of core:


- The first red flag issue I had when the download package the Windows signing key for one of their releases (sometime after v 20.1).

- The current issue is there is an obvious discrepancy between what bitcoin dot org and bitcoincore dot org list as the current version (the former states v 23 and the later v 24).

Obviously there have been tons and tons of changes since v. 20 and clearly the most powerful organizations on earth do not want bitcoin to eat their lunch (banks, governments etc).  That said I'm sure that these entities have been constantly trying to tweak bitcoin to their liking-whatever that may entail.  That said, if anyone has any feedback on the two noted concerns above I'd really appreciate it. 

TIA!
Jump to: