Skip to content

Instantly share code, notes, and snippets.

@ltfschoen

ltfschoen/rotki.md

Created August 27, 2020 23:08
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ltfschoen/953012c377ccd236dbe4c14aaab99a94 to your computer and use it in GitHub Desktop.
Save ltfschoen/953012c377ccd236dbe4c14aaab99a94 to your computer and use it in GitHub Desktop.
Download ZIP
Rotki release steps to verify checksum
Raw
rotki.md

The following are steps taken to verify the checksum of the Rotki installer on macOS:

  • Downloaded the file (i.e. rotki-darwin-v1.6.2.dmg.sha512) that contains the published SHA512 hash of binaries that we'll use as checksum to verify the integrity of the binary
  • View the checksum in the file with cat rotki-darwin-v1.6.2.dmg.sha512
    • Example output was:
f1be8965f206fb0ae5f745575c0e4da12a302e237188bb5cd41d73a19705965fc409da72508253f8908626ccbfb43990bf0e801f3cfa0ff9e29000c7d177a074  rotki-darwin-v1.6.2.dmg

shasum -a 512 rotki-darwin-v1.6.2.dmg
  • Note that there may be an additional file called latest-mac.yml, which is automatically generated by electron builder and is for the auto-updater feature that we is not yet supported. It's contents were the following:
version: 1.6.2
files:
  - url: rotki-darwin-v1.6.2.zip
    sha512: vyxWdS3quE4RYocAUZrpjUtJ7vCixYZgvShP5Sps7dNOw0fnC1cwQP2VLQg7ELW3MMXacah5d+MYauozMAEIzg==
    size: 103125622
    blockMapSize: 107783
  - url: rotki-darwin-v1.6.2.dmg
    sha512: 8b6JZfIG+wrl90VXXA5NoSowLiNxiLtc1B1zoZcFll/ECdpyUIJT+JCGJsy/tDmQvw6AHzz6D/nikADH0XegdA==
    size: 105587918
path: rotki-darwin-v1.6.2.zip
sha512: vyxWdS3quE4RYocAUZrpjUtJ7vCixYZgvShP5Sps7dNOw0fnC1cwQP2VLQg7ELW3MMXacah5d+MYauozMAEIzg==
releaseDate: '2020-08-11T20:38:24.058Z'
  • Note that the sha512 value for the file rotki-darwin-v1.6.2.dmg that's shown in that file as (i.e. 8b6JZfIG+wrl90VXXA5NoSowLiNxiLtc1B1zoZcFll/ECdpyUIJT+JCGJsy/tDmQvw6AHzz6D/nikADH0XegdA== ) doesn't match the checksum value that's included in the file rotki-darwin-v1.6.2.dmg.sha512. This is because it uses a different encoding of base64. So if you use a base64 to hex converter and pass this sha512 value as an argument, it will convert it to the equivalent hex value, which should match the computed checksum and the checksum found in rotki-darwin-v1.6.2.dmg.sha512. Run the following JavaScript code (after replacing the base64Value with the sha512 value. An easy way to run it is in your web browser's console.
function base64toHEX(base64) {
  var raw = atob(base64);
  var HEX = '';

  for ( i = 0; i < raw.length; i++ ) {
    var _hex = raw.charCodeAt(i).toString(16)
    HEX += (_hex.length==2?_hex:'0'+_hex);
  }
  return HEX.toUpperCase();
}
const base64Value = "8b6JZfIG+wrl90VXXA5NoSowLiNxiLtc1B1zoZcFll/ECdpyUIJT+JCGJsy/tDmQvw6AHzz6D/nikADH0XegdA==";
console.log(base64toHEX(base64Value));
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment