Verify authenticity of Clorio Wallet apps

How to verify that Clorio Wallet for Mina Protocol has not been tampered.

After downloading the desktop application, it's highly recommended to verify the checksum of the application. This ensures that you are using the original Clorio Wallet application and not a tampered version. To see the checksum of a specific version please go to https://github.com/nerdvibe/clorio-client/releases/latest and look for your specific version. Verifying the checksums is platform-specific, so follow the instructions that apply to you. Instructions are available for Windows, macOS, and Linux.

Windows

1. Open a Command Prompt

In the folder with the Clorio Wallet application open a PowerShell command prompt by holding shift and right-clicking. Then click "Open PowerShell here".

2. Hashing the Application

To check if the file has tampered we need to generate the hash of the zip file. To do this, run the following command in PowerShell (replace CLORIO_FILENAME with your filename):

> CertUtil -hashFile CLORIO_FILENAME.zip SHA256

After the command has been prompt a string containing the hash of the file will be displayed. Now compare the hash from Github with the one displayed in PowerShell. If the two hashes match the application has not been tampered.

macOS

1. Open a Terminal and navigate to the Folder

Open a new session of the terminal. Navigate into the folder where Clorio is located (eg. ~/Downloads ) with the following command :

$ cd ~/Downloads

2. Hashing the Application

To check if the file has tampered we need to generate the hash of the dmg file. To do this, run the following command in the terminal (replace CLORIO_FILENAME with your filename):

$ shasum -a 256 CLORIO_FILENAME.dmg

After the command has been prompt a string containing the hash of the file will be displayed. Now compare the hash from Github with the one displayed in the terminal. If the two hashes match the application has not been tampered.

Linux

1. Open a Terminal and navigate to the Folder

Open a new session of the terminal. Navigate into the folder where Clorio is located (eg. ~/Downloads ) with the following command :

$ cd ~/Downloads

2. Hashing the Application

To check if the file has tampered we need to generate the hash of the AppImage file.

To do this, run the following command in the terminal (replace CLORIO_FILENAME with your filename):

$ shasum -a 256 CLORIO_FILENAME.AppImage

After the command has been prompt a string containing the hash of the file will be displayed. Now compare the hash from Github with the one displayed in the terminal. If the two hashes match the application has not been tampered.