Topic: Verifying Bitcoin Core - page 8. (Read 206035 times)

There's no flaw in 0.13.0 itself. The concern is that for the next major release, an attack might be attempted as everyone rushes to upgrade. If the Core devs had to do a non-SegWit 0.12.2 bugfix release, then the warning would apply equally to that.

I am having a hard time to understand why 0.13.0 ? When next to release is 0.12.2 with Segwit Code. My guess is that 0.13.0 doesn't have public binaries and no yet compiled. How can a binary can be compromised in a way like that? I mean seriously they put a warning on a far in future code to be public that is under their control isn't it? This means the whole code can be compromised?

I've been revisiting PGP in recent times and was thinking the other day that I should import a few of the need to know PGP keys, so thanks for the heads up about the next update and the precautions a person should take.

Safety first.

BTW, I have discovered a glitch in KeyBase.Io public keys being incompatible with PGP and Kleopatra.

Sweet!! Thanks this will be very useful.

Nothing has been compromised, at least the post does not indicate that anything has been compromised. The post seems to imply that something might get compromised in the near future, possibly by a state sponsored actor.

Someone suggested in the self-moderated thread that this was something to potentially discredit the Chinese miners in the future if they were to start to support a HF for a larger block size. I have no reason to trust cobra, and several reasons to distrust him, and cannot rule the above out.
 

Agreed. It's good to have a competent individual hosting the forum that cares about security. I think the importance of signature verification will increase as Bitcoin becomes more widely used. Because it is financial software that enables direct access to real value Bitcoin Core is a very attractive target for all kinds of hacking / fraudulent activity - with faked downloads being on the low end of the complexity range.

In addition to the activities of ordinary criminals, we should also be aware that government agencies are highly interested in tracking payments...

ya.ya.yo!

Thanks theymos. Verifying the integrity of software to run on people's machines should be a standard for everyone and I'm glad that it's being taken care so thoroughly by people associated with bitcoin development. Excellent security practices are always welcome, especially given that bitcoin's transactions were designed to be trustless.

You do the same for your core system: just click to update. It could even be set to auto-update.
If you can't trust the Bitcoin core in there, you can't trust the rest of your system. And if you can't trust the rest of your system, not only Bitcoin but also your online banking could be compromised.

So far I trust my operating system, and it's almost impossible for me to check if it's compromised anyway.

you just referenced half a sentence and started bashing the OP with what you think. the point was to emphasize "you should NEVER run Bitcoin Core software without verifying it first" which you conveniently omitted altogether.

Cobra made an alert on bitcoin.org: https://bitcoin.org/en/alert/2016-08-17-binary-safety but no one knows why he did it and what he means by it. So right now now the assumption is that something nasty have been compromised, but there is no proof of any such compromise yet.

Wondering too.

That's an absolutely impossible assumption. I understand the OP was just trying to make a point but he chose a wrong example, or at the very least a very nonsensical wording. If any website or person ever claims that you have to download anything (or do anything in general) otherwise you lose your coins then they are either lying or retarded. Your coins are your coins and to keep them you don't have to do absolutely anything.

Now if any reader is that stupid that they would actually believe such a nonsense then they shall lose all their coins, they don't deserve to even use their computer. Stupid people are the worst danger to society, vast majority of all the suffering throughout the human history was caused by the human stupidity.

What about if i have Ubuntu with Bitcoin core in the PPA?  its auto updating it, i dont do anything manually beside clicking on Update 

I was always wondering how people could sign those downloads ,thanks for the tutorial theymos 


Are you speaking about scenarios that could happen ? or there is an actual threat going on, because I don't understand why It became suddenly important to verify signature while we didn't see such a thread in the past.

What I want to know is, what "State" is sponsoring this malicious attack? Is it China? The USA? I would imagine a collective of countries conversing on this and funding the attackers with Bitcoin, since fiat is so traceable nowadays.

Actually they are. The signatures are included in detached form at https://github.com/bitcoin-core/bitcoin-detached-sigs. These are combined with the unsigned versions to create signed versions. This is done for every single version, including prereleases.

Same thing as above.

Also, for verifying gitian signatures, all of the keys used by everyone who has built gitian binaries is located at https://github.com/bitcoin/bitcoin/tree/master/contrib/gitian-keys

It is important to verify the integrity of Bitcoin Core before running it. Depending on how you downloaded it, it may have been modified in transit to do something evil when run. The server hosting the download may also have been compromised.

Even if all of your favorite Bitcoin websites are yelling at you to immediately download something lest you lose all of your coins, you should NEVER run Bitcoin Core software without verifying it first.

Easy way 1

Final Windows and Mac installers are digitally signed by The Bitcoin Foundation. (Note that The Bitcoin Foundation is not actually strongly associated with Bitcoin development -- it is just convenient for them to sign the releases.) On Windows, you can check this by right clicking the installer, choosing properties, and then going to the Digital Signatures tab. Check that it is signed by The Bitcoin Foundation, Inc..

Prerelease versions are generally not signed.

Easy way 2

Get the sha256 hash of the Bitcoin Core release you downloaded. On Linux, you can run, for example, sha256sum bitcoin-0.16.3-x86_64-linux-gnu.tar.gz. On Windows you can run (at a command prompt) certUtil -hashfile bitcoin-0.16.3-win32.zip SHA256. On Mac OS X, you can run shasum -a 256 bitcoin-0.16.3-osx.dmg.

The hashes of the most recent release and prerelease versions are below. Hashes for older versions are available here (SHA256SUMS.asc under each version is a text file that can be opened with any text editor). Simply verifying the hashes of the Bitcoin Core release you downloaded against the appropriate hash in the list here will provide some extra security, but ideally you should also use OpenPGP software such as gpg to verify that the hashes were signed by someone you trust.

0.16.3


To verify the signatures, first install GPG. Then import the necessary PGP public keys (see below). Then get to a command prompt and do this:


Gitian signature verification

Bitcoin developers and other interested people sign every release of Bitcoin Core using gitian. To verify a downloaded version:

• Go to the gitian sigs page and choose the correct version. Versions that end in "rc1" are older prerelease versions of versions without any rc suffix. Choose the link that ends with "-win" for Windows, "-osx" for Mac OS X, or "-linux" for Linux.
• Once you're at the correct version, there are links for all of the different people who signed that release. Choose a few people who you trust. You will need their PGP public keys (see below).
• For each person, download the raw version of both files. With both files in the same directory, run gpg --verify *.assert.sig. Verify that the signature is OK.
• Open the .assert file in a text editor. This is a list of SHA-256 hashes for a bunch of files. You should verify that the Bitcoin Core download you're going to use exists in the "out_manifest" section and has a matching hash. In some cases, you may need to check several files if the out_manifest contains the contents of an archive that you downloaded. Note that Windows and OS X installers generally will not have matching hashes due to issues with embedded signatures in the installers -- use the zip/tar.gz releases instead.

Building gitian releases

You can personally build Bitcoin Core and check that it matches the official release. See here.

Note that the digitally signed installers cannot be verified in this way because you would need to know the private key of the digital signature signing key in order to reproduce the installer.

Common PGP keys

Here are a few PGP public keys that you might need. You can usually just paste the whole thing into a command prompt:
https://bitcointalk.org/verify_pubkeys.txt

If you're using the default trust model, and you've already created a key for yourself with gpg --gen-key, then you'll also want to locally sign these keys. Do that like this for each key-id, saying yes if it asks whether you want to sign all user IDs:


With bash on Linux, this will lsign all of the public keys in that file:


Note that it isn't the greatest to trust random pages on the Internet when importing keys. For example, a bitcointalk.org moderator could replace the above keys with different keys that are all under his control and then post an emergency "urgent upgrade required!" link somewhere pointing to wallet-stealing malware signed by the keys that he placed here. PGP has the concept of a "PGP Web of Trust" that people are theoretically supposed to use to prevent this sort of thing, but it's complicated and doesn't work very well, so pretty much no one actually uses it. If you're not already familiar with PGP, then it's best to just import and use these keys, which will at least protect you from attacks carried out in the future. But if you're serious about security, you should probably read a few guides on PGP and at least try to get verification from several different sites/people about a key's authenticity in the future. For example, many of these keys are also available on bitcoin.org. (All of the Bitcoin Core download/verification info has been republished on bitcointalk.org partly to provide some protection/redundancy in the case of bitcoin.org being compromised.)