Skip to main content

🔧GPG Signature Verification in Daedalus Wallet macOS

MacOS GPG signature verification procedure

  1. Get both the installer file daedalus-*-mainnet-*.pkg and the corresponding signature file daedalus-*-mainnet-*.pkg.asc and store them in the same directory.
  • If you have already installed GPG Suite and created a personal key, proceed to step 13.
    gpg-macos-daedalus-1 gpg-macos-daedalus-2
  1. Go to the GPG Suite section, download and install the .dmg file.
    gpg-macos-daedalus-3
  1. Open the GPG_Suite-*.dmg file.
    gpg-macos-daedalus-4
  1. After GPG Suite is displayed, click Install.pkg to install it. gpg-macos-daedalus-5
  1. The installation of GPG Suite will be displayed, so check the contents and click [Continue].
Welcome to the GPG Suite Installer

Thank you for installing GPG Suite. GPGSuite encrypts, decrypts, signs and verifies files and messages. It's easier than ever to manage your keys and experience the full power of GPG. GPGSuite includes:
• GPG Mail
• GPG Keychain
• GPG Services
• GPG Suite Preferences
• MacGPG

gpg-macos-daedalus-6

  1. Check the contents and click [Continue]. If necessary, click [Save] to obtain the License Agreement .pdf.
License agreement

GPG Suite is a software product developed and distributed by GPGTools GmbH, a limited liability company incorporated and existing under Austrian law. By continuing to install GPG Suite, you agree to be bound by our distribution terms. Distribution conditions: [General terms of distribution "GPG Suite"] (https://gpgtools.org/legal)

gpg-macos-daedalus-7

  1. Check the contents and click [Agree].
🗒️

You must accept the terms of the Software License Agreement to continue installing the software. Click I Agree to continue or Disagree to cancel the installation and exit the installer.

gpg-macos-daedalus-8

  1. Click [Install]. gpg-macos-daedalus-9
  1. Find GPG Keychain from Launchpad and expand it.
    gpg-macos-daedalus-10
  1. Click New.
Create new key

GPG Keychain is an application used to manage keys. You can create new keys, edit existing keys, or search for your friends' keys. The first thing you see in GPG Keychain is a wizard that guides you through creating your first key.

gpg-macos-daedalus-11

  1. Enter name, email address, password, confirm password, and click [Create Key].
💡
mail address

GPG Keychain populates macOS Address Book data. The email field is editable and you are free to change that information. Enter the email address you normally use when sending emails. Make sure it's entered exactly like the one used in the Mail app's Settings > Accounts. It's important, so double check that the case matches. If you use multiple email addresses, you can add more to your key later.

password

Enter a password to protect your OpenPGP key. As with all passwords, it's best to use long passwords. IMPORTANT: Please remember your password. Please keep it in a safe place. No, a text note on your desk is not a safe place. Use a password manager or similar instead. If you lose or forget your password, there is no way to recover it and you may lose access to all your encrypted messages.

gpg-macos-daedalus-12

  1. Click No need for now, as you can do it later.
key created successfully

We recommend uploading your public key to a keyserver to encrypt and verify the authenticity of your messages so that your friends and colleagues can find your public key and start communicating securely. WARNING: Since the keyserver is public, the name and email address you use with your key will be public. Keys cannot be deleted from the keyserver. They can be revoked, but not deleted. If you don't want to use a keyserver, consider attaching your public key to signed and encrypted emails. Upload public key? If you're not sure, you can always do it later. keyserver details and upload and verify /upload-and-verify-your-public-key) method.

gpg-macos-daedalus-13

  1. Click Find Keys.
    gpg-macos-daedalus-14
  1. Enter the following in the search window of [Search public key] and click [Search]. gpg-macos-daedalus-15
signing.authority@iohk.io
  1. Check the contents and click [Import Key].
Found a key with a verified email address:

IOHK signatories<signing.authority@iohk.io>
D325 87D4 090F E461 CAEE 0FF4 966E 5CB9 CBFA A9BA
Do you want to import this key?

gpg-macos-daedalus-16

  1. It will tell you that it has been imported, so click [OK].
    gpg-macos-daedalus-17
  1. Right-click on the imported key, then select Details and verify that the FingerPrint of the imported key is D325 87D4 090F E461 CAEE 0FF4 966E 5CB9 CBFA A9BA. If not, you have imported the wrong key, right click and select Delete. gpg-macos-daedalus-18
  1. Select the imported IOHK key, right-click, and then click Sign. This is a necessary next step in authenticating authenticity.
    gpg-macos-daedalus-19
  1. Check the contents and click [Sign].
🗒️

By signing this key, we verify the identity of the owner of the key and confirm that the key D325 87D4 090F E461 CAEE 0FF4 966E 5CB9 CBFAA9BA with FingerPrint belongs to them. IOHK signatories<signing.authority@iohk.io>

gpg-macos-daedalus-20

  1. Enter the passphrase that you wrote down and click [OK]. gpg-macos-daedalus-21
  1. Validate the installer binaries.
💡

Right-click daedalus-*-mainnet-*.pkg stored in step 1. Do not right click on the **daedalus--mainnet-.pkg.ascfile. This is invalid. ** Confirm thatdaedalus--mainnet-.pkg.ascis in the same directory, and click[Services]->[OpenPGP: Verify file signature]`.

gpg-macos-daedalus-22

  1. If the verification result Verification Results is displayed, it was confirmed that it was correct by GPG signature verification, so it was a success! Thank you for your hard work! gpg-macos-daedalus-23