Post SHA-256 hash of Developer Signing Key #244
Labels
open for contributions
I probably won't work on it, but contributions by other developers are welcome.
packaging
Comments
|
Sounds like a reasonable thing to add to the website. The README doesn't link direct downloads so doesn't make sense to add there for me. But you can create a PR for the website if you want: https://github.com/SchildiChat/website SHA-256 hashes for builds in the main repo, as provided by
|
SpiritCroc
added
open for contributions
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The project has many users who have degoogled devices. As was mentioned in Issue 126, the project offers a direct apk download option from SpiritCroc as well as its own fdroid repo. Users who install the direct download apk should have a way to verify that the build was signed by the developer. Posting the sha-256 hash of the developer signing key in the project README and on the SpiritCroc website.
Based on the downloaded SchildiChat[f].apk, the hash appears to be `FA:C0:73:C4:2D:F8:A2:4E:D7:9E:D6:1A:19:86:A0:08:B6:3D:64:68:99:21:70:F8:2C:29:D7:9B:C6:80:8E:AC'. I'm happy to create a PR for the README if you are amenable to inclusion.
I greatly appreciate all the hard work on this project, and thank you for your consideration.
The text was updated successfully, but these errors were encountered: