Developers: Cryptographically sign your crypto wallet releases

in ethereum •  2 years ago

I was pleased to notice today, while going through the changelog for ethereum wallet 0.8.3:

PGP-verified releases (#546)

This is long-awaited, and probably more useful than checksums itself (although they have slighty different purposes). Look for the Verified badge in releases and commits.

Github issue #546

This practice has, of course, been in use in the wider open source ecosystem for a long time.

It always struck me as incredibly strange that in a world where it is people's money/value/whatever-you-want-to-call-it that is at stake, such a simple precaution is repeatedly not being taken by crypto-currency projects everywhere.

Checksums are not enough. They serve a different purpose.

Congratulations to the ethereum project for getting it right.

Conclusion

Developers: Sign your releases. Give your users the warm fuzzy feeling (tm).

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!