v0.3.2-alpha

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 187F6ADD93AE3B0CF335AA6AB984570980684DCC

Once you have his PGP key you can verify the release (assuming manifest-v0.3.2-alpha.txt and manifest-ViktorTigerstrom-v0.3.2-alpha.sig are in the current directory) with:

gpg --verify manifest-ViktorTigerstrom-v0.3.2-alpha.sig manifest-v0.3.2-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Thu Jul 25 17:17:17 2024 CEST
gpg:                using EDDSA key 187F6ADD93AE3B0CF335AA6AB984570980684DCC
gpg: Good signature from "Viktor Tigerström <vtigerstrom@gmail.com>"

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.3.2-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.3.2-alpha

Verifying the Release Timestamp

We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-ViktorTigerstrom-v0.3.2-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-ViktorTigerstrom-v0.3.2-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

What's Changed

• multi: Bump go to 1.22.3 & litd to v0.13.2-alpha by @ViktorTigerstrom in #107

Full Changelog: v0.3.1-alpha...v0.3.2-alpha

v0.3.1-alpha

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 187F6ADD93AE3B0CF335AA6AB984570980684DCC

Once you have his PGP key you can verify the release (assuming manifest-v0.3.1-alpha.txt and manifest-ViktorTigerstrom-v0.3.1-alpha.sig are in the current directory) with:

gpg --verify manifest-ViktorTigerstrom-v0.3.1-alpha.sig manifest-v0.3.1-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Tue Feb 20 21:53:45 2024 CET
gpg:                using EDDSA key 187F6ADD93AE3B0CF335AA6AB984570980684DCC
gpg: Good signature from "Viktor Tigerström <vtigerstrom@gmail.com>"

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.3.1-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.3.1-alpha

Verifying the Release Timestamp

We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-ViktorTigerstrom-v0.3.1-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-ViktorTigerstrom-v0.3.1-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

What's Changed

• gbn: make logger more informative in debug level by @ViktorTigerstrom in #104
• mod: bump lightning-terminal to v0.12.3-alpha by @ViktorTigerstrom in #106

Full Changelog: v0.3.0-alpha...v0.3.1-alpha

v0.3.0-alpha

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 187F6ADD93AE3B0CF335AA6AB984570980684DCC

Once you have his PGP key you can verify the release (assuming manifest-v0.3.0-alpha.txt and manifest-ViktorTigerstrom-v0.3.0-alpha.sig are in the current directory) with:

gpg --verify manifest-ViktorTigerstrom-v0.3.0-alpha.sig manifest-v0.3.0-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Mon Feb  5 14:56:06 2024 CET
gpg:                using EDDSA key 187F6ADD93AE3B0CF335AA6AB984570980684DCC
gpg: Good signature from "Viktor Tigerström <vtigerstrom@gmail.com>"

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.3.0-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.3.0-alpha

Verifying the Release Timestamp

We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-ViktorTigerstrom-v0.3.0-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-ViktorTigerstrom-v0.3.0-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

What's Changed

• build(deps): bump google.golang.org/grpc from 1.41.0 to 1.56.3 by @dependabot in #94
• build(deps): bump golang.org/x/net from 0.7.0 to 0.17.0 by @dependabot in #91
• build(deps): bump google.golang.org/grpc from 1.39.0 to 1.56.3 in /hashmailrpc by @dependabot in #93
• build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.25.0 to 0.46.0 by @dependabot in #97
• build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.28.0 to 0.46.0 in /cmd/wasm-client by @dependabot in #98
• build(deps): bump golang.org/x/net from 0.14.0 to 0.17.0 by @dependabot in #100
• build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.28.0 to 0.46.0 in /mobile by @dependabot in #99
• build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.25.0 to 0.46.0 by @dependabot in #101
• .golangci: update linter rules by @ellemouton in #92
• gbn+mailbox: cleanup & prefixed logger by @ellemouton in #90
• gbn: Sender side only packeting resend bug fix by @ViktorTigerstrom in #87
• multi: bump go version to 1.21 by @ellemouton in #102
• doc: update release notes by @ViktorTigerstrom in #80
• gbn: set resend timeout dynamically by @ViktorTigerstrom in #88
• Fix WASM-client disconnection error by @ViktorTigerstrom in #103

New Contributors

• @dependabot made their first contribution in #94

Full Changelog: v0.2.8-alpha...v0.3.0-alpha

v0.2.8-alpha

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 187F6ADD93AE3B0CF335AA6AB984570980684DCC

Once you have his PGP key you can verify the release (assuming manifest-v0.2.8-alpha.txt and manifest-ViktorTigerstrom-v0.2.8-alpha.sig are in the current directory) with:

gpg --verify manifest-ViktorTigerstrom-v0.2.8-alpha.sig manifest-v0.2.8-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Tue Oct 24 16:54:18 2023 CEST
gpg:                using EDDSA key 187F6ADD93AE3B0CF335AA6AB984570980684DCC
gpg: Good signature from "Viktor Tigerström <vtigerstrom@gmail.com>"

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.2.8-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.2.8-alpha

Verifying the Release Timestamp

We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-ViktorTigerstrom-v0.2.8-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-ViktorTigerstrom-v0.2.8-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

What's Changed

• mod: bump lightning-terminal to v0.12.0-alpha by @ViktorTigerstrom in #85
• cmd+example: update with Status server access by @ellemouton in #81

Full Changelog: v0.2.7-alpha...v0.2.8-alpha

v0.2.7-alpha

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 187F6ADD93AE3B0CF335AA6AB984570980684DCC

Once you have his PGP key you can verify the release (assuming manifest-v0.2.7-alpha.txt and manifest-ViktorTigerstrom-v0.2.7-alpha.sig are in the current directory) with:

gpg --verify manifest-ViktorTigerstrom-v0.2.7-alpha.sig manifest-v0.2.7-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Wed Oct 18 18:24:45 2023 CEST
gpg:                using EDDSA key 187F6ADD93AE3B0CF335AA6AB984570980684DCC
gpg: Good signature from "Viktor Tigerström <vtigerstrom@gmail.com>"

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.2.7-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.2.7-alpha

Verifying the Release Timestamp

We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-ViktorTigerstrom-v0.2.7-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-ViktorTigerstrom-v0.2.7-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

What's Changed

• wasm-client & mobile: bump taproot-assets to v0.3.0-alpha, litd to v0.11.0-alpha & loop to v0.26.4-beta by @ViktorTigerstrom in #84

Full Changelog: v0.2.6-alpha...v0.2.7-alpha

v0.2.6-alpha

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 187F6ADD93AE3B0CF335AA6AB984570980684DCC

Once you have his PGP key you can verify the release (assuming manifest-v0.2.6-alpha.txt and manifest-ViktorTigerstrom-v0.2.6-alpha.sig are in the current directory) with:

gpg --verify manifest-ViktorTigerstrom-v0.2.6-alpha.sig manifest-v0.2.6-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Mon Aug 21 11:39:55 2023 CEST
gpg:                using EDDSA key 187F6ADD93AE3B0CF335AA6AB984570980684DCC
gpg: Good signature from "Viktor Tigerström <vtigerstrom@gmail.com>"

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.2.6-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.2.6-alpha

Verifying the Release Timestamp

We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-ViktorTigerstrom-v0.2.6-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-ViktorTigerstrom-v0.2.6-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

What's Changed

• bump lightning-terminal for wasm-client & mobile by @ViktorTigerstrom in #82

Full Changelog: v0.2.5-alpha...v0.2.6-alpha

v0.2.5-alpha

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 187F6ADD93AE3B0CF335AA6AB984570980684DCC

Once you have his PGP key you can verify the release (assuming manifest-v0.2.5-alpha.txt and manifest-ViktorTigerstrom-v0.2.5-alpha.sig are in the current directory) with:

gpg --verify manifest-ViktorTigerstrom-v0.2.5-alpha.sig manifest-v0.2.5-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Wed Jun 14 15:50:34 2023 CEST
gpg:                using EDDSA key 187F6ADD93AE3B0CF335AA6AB984570980684DCC
gpg: Good signature from "Viktor Tigerström <vtigerstrom@gmail.com>" [ultimate]

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.2.5-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.2.5-alpha

Verifying the Release Timestamp

We have also started to timestamp the manifest file with OpenTimeStamps along with its signature. A new file is now included along with the rest of our release artifacts: manifest-ViktorTigerstrom-v0.2.5-alpha.sig.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following command:

ots verify manifest-ViktorTigerstrom-v0.2.5-alpha.sig.ots

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

What's Changed

• doc: automate and document release process by @jamaljsr in #75
• wasm-client: bump lightning terminal by @ViktorTigerstrom in #77
• itest: export HashmailHarness struct by @ViktorTigerstrom in #76

New Contributors

• @ViktorTigerstrom made their first contribution in #77

Full Changelog: v0.2.4-alpha...v0.2.5-alpha

v0.2.4-alpha

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

gpg --keyserver hkps://keys.openpgp.org --recv-keys 2E9666012186E2730EA47BEDE853DFADEAF2675E

Once you have his PGP key you can verify the release (assuming manifest-v0.2.4-alpha.txt and manifest-jamaljsr-v0.2.4-alpha.sig are in the current directory) with:

gpg --verify manifest-jamaljsr-v0.2.4-alpha.sig manifest-v0.2.4-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Thu Mar 30 16:48:47 2023 EDT
gpg:                using RSA key 2E9666012186E2730EA47BEDE853DFADEAF2675E
gpg:                issuer "jamaljsr@protonmail.com"
gpg: Good signature from "Jamal James <jamaljsr@protonmail.com>" [ultimate]

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.2.4-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.2.4-alpha

What's Changed

• wasm: allow non-global scope callbacks by @jamaljsr in #72
• Bump lnd and golang versions by @guggero in #74

Full Changelog: v0.2.3-alpha...v0.2.4-alpha

v0.2.3-alpha

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 96C225207F2137E278C31CF7AAC48DE8AB8DEE84

Once you have his PGP key you can verify the release (assuming manifest-v0.2.3-alpha.txt and manifest-kaloudis-v0.2.3-alpha.sig are in the current directory) with:

gpg --verify manifest-kaloudis-v0.2.3-alpha.sig manifest-v0.2.3-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Thu Feb 16 09:02:58 2023 EST
gpg:                using RSA key 96C225207F2137E278C31CF7AAC48DE8AB8DEE84
gpg:                issuer "zeusln@tutanota.com"
gpg: Good signature from "Zeus LN <zeusln@tutanota.com>" [ultimate]
Primary key fingerprint: 96C2 2520 7F21 37E2 78C3  1CF7 AAC4 8DE8 AB8D EE84

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.2.3-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.2.3-alpha

What's Changed

• multi: add autopilot stubs by @ellemouton in #67

Full Changelog: v0.2.2-alpha...v0.2.3-alpha

v0.2.2-alpha

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 96C225207F2137E278C31CF7AAC48DE8AB8DEE84

Once you have his PGP key you can verify the release (assuming manifest-v0.2.2-alpha.txt and manifest-kaloudis-v0.2.2-alpha.sig are in the current directory) with:

gpg --verify manifest-kaloudis-v0.2.2-alpha.sig manifest-v0.2.2-alpha.txt

You should see the following if the verification was successful:

gpg: Signature made Thu Jan 12 11:51:01 2023 EST
gpg:                using RSA key 96C225207F2137E278C31CF7AAC48DE8AB8DEE84
gpg:                issuer "zeusln@tutanota.com"
gpg: Good signature from "Zeus LN <zeusln@tutanota.com>" [ultimate]
Primary key fingerprint: 96C2 2520 7F21 37E2 78C3  1CF7 AAC4 8DE8 AB8D EE84

That will verify the signature on the main manifest page which ensures integrity and authenticity of the binaries you've downloaded locally. Next, depending on your operating system you should then re-calculate the sha256 sum of the binary, and compare that with the following hashes:

cat manifest-v0.2.2-alpha.txt

One can use the shasum -a 256 <file name here> tool in order to re-compute the sha256 hash of the target binary for your operating system. The produced hash should be compared with the hashes listed above and they should match exactly.

Finally, you can also verify the tag itself with the following command:

git verify-tag v0.2.2-alpha

Release Notes (auto generated)

What's Changed

• multi: remove Pool, Loop and Faraday deps from main LNC module by @ellemouton in #66

Full Changelog: v0.2.1-alpha...v0.2.2-alpha