Verify authenticity of Clorio Wallet apps
How to verify that Clorio Wallet for Mina Protocol has not been tampered.
After downloading the desktop application, it's highly recommended to verify the checksum of the application. This ensures that you are using the original Clorio Wallet application and not a tampered version. To see the checksum of a specific version please go to https://github.com/nerdvibe/clorio-client/releases/latest and look for your specific version. Verifying the checksums is platform-specific, so follow the instructions that apply to you. Instructions are available for Windows, macOS, and Linux.
In the folder with the Clorio Wallet application open a PowerShell command prompt by holding shift and right-clicking. Then click "Open PowerShell here".
To check if the file has tampered we need to generate the hash of the zip file. To do this, run the following command in PowerShell (replace CLORIO_FILENAME with your filename):
> CertUtil -hashFile CLORIO_FILENAME.zip SHA256
After the command has been prompt a string containing the hash of the file will be displayed. Now compare the hash from Github with the one displayed in PowerShell. If the two hashes match the application has not been tampered.
Open a new session of the terminal. Navigate into the folder where Clorio is located (eg. ~/Downloads ) with the following command :
$ cd ~/Downloads
To check if the file has tampered we need to generate the hash of the dmg file. To do this, run the following command in the terminal (replace CLORIO_FILENAME with your filename):
$ shasum -a 256 CLORIO_FILENAME.dmg
After the command has been prompt a string containing the hash of the file will be displayed. Now compare the hash from Github with the one displayed in the terminal. If the two hashes match the application has not been tampered.
Open a new session of the terminal. Navigate into the folder where Clorio is located (eg. ~/Downloads ) with the following command :
$ cd ~/Downloads
To check if the file has tampered we need to generate the hash of the AppImage file.
To do this, run the following command in the terminal (replace CLORIO_FILENAME with your filename):
$ shasum -a 256 CLORIO_FILENAME.AppImage
After the command has been prompt a string containing the hash of the file will be displayed. Now compare the hash from Github with the one displayed in the terminal. If the two hashes match the application has not been tampered.