Bitcoin Core Open Source Release Process
Releases to the Bitcoin Core client and project are built and released using this process:
- Labeled in github
- Binaries are created for the platforms affected (usually all, Windows, Mac and Linux).
- Binary file checksum(s) is(are) calculated and a message with those are signed by a core developer.
- sha256 checksum
- Files used to build are checksummed and submitted to the Gitian.sigs project on github.
- Uploaded to distribution (Bitcoin.org/bin, and Launchpad.net for the Ubuntu PPA)
- Blog post on Bitcoin.org
- Forum post on BitcoinTalk.org
Verifying The Download
To verify the checksum for a binary download, first ensure the checksum file is secure by decrypting the SHA256SUMS.asc file:
$ gpg --decrypt SHA256SUMS.asc
Then verify the file checksum:
$ openssl dgst -sha256 [binary release archive]
Verify that the checksum matches the one in SHA256SUMS.asc
A script to verify the binaries was contributed to the Bitcoin.org project.
- Bitcoin.org client source project on Github
- Gitain.sigs Trusted build process signatures on Github
- Bitcoin.org website with releases