mirror of
https://github.com/lightningnetwork/lnd.git
synced 2024-11-20 10:39:01 +01:00
f6c66ca980
Instead of importing the keys from Keybase, we add all the signing keys to the repository. In addition to having the key file present each key's ID must also be added to the verification script. This acts as a double check that the correct key is added and makes a key change more explicit.
16 lines
682 B
Markdown
16 lines
682 B
Markdown
# Release verification keys
|
|
|
|
This directory contains all keys that are currently signing `lnd` releases.
|
|
|
|
The name of the file must match exactly the suffix that user is going to use
|
|
when signing a release.
|
|
For example, if the key is called `eugene_.asc` then that user must upload a
|
|
signature file called `manifest-eugene_-v0.xx.yy-beta.sig`, otherwise the
|
|
verification will fail. See [the release
|
|
documentation](../../docs/release.md#signing-an-existing-manifest-file) for
|
|
details on how to create the signature.
|
|
|
|
In addition to adding the key file here as a `.asc` file the
|
|
`scripts/verify-install.sh` file must also be updated with the key ID and the
|
|
reference to the key file.
|