Bitcoin Gold Wallet v0.15.0.2 Release

Originally published at: https://bitcoingold.org/bitcoin-gold-wallet-v0-15-0-2-release/

We’re happy to announce the release of the latest Bitcoin Gold Wallet!

Gitian build system, support for ARM servers, macOS, Raspberry-Pi, config file changes, UI improvements, build script & code cleanup, -bootstrap change…

5 Likes

It means happy wednesday :slight_smile:

An example of how to verify all the files in Ubuntu with GPG:

# Download the public key of h4x3rotab from key server
$ gpg --recv-keys --keyserver keyserver.ubuntu.com 0x38EE12EB597B4FC0
gpg: requesting key 597B4FC0 from hkp server keyserver.ubuntu.com
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 597B4FC0: public key "h4x3rotab <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

# Verify the the signature of SHA256SUMS.asc
$ gpg --verify SHA256SUMS.asc
gpg: Signature made Sat 06 Jan 2018 07:10:56 PM UTC using RSA key ID 597B4FC0
gpg: Good signature from "h4x3rotab <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 02EC D7F2 1ABE A88B 4270  CB2A 38EE 12EB 597B 4FC0

# Check the checksum of released binares
$ sha256sum -c SHA256SUMS.asc 2>&1 | grep OK

Note this warning:

gpg: Good signature from "h4x3rotab <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.

This does not mean the signature is not valid; it just means that the process was run without first adding h4x3rotab’s public key to the trusted list.

The example shows how the output would look if you run it without taking any extra steps. If you add h4x3robat’s key to your trusted list, that warning will go away.

1 Like

Hmmmm…this is a huge update
Kudos to the development team:+1:

1 Like

Use Quickhash free software to check any SHA signature under Windows also.

2 Likes

I wasn’t aware of that one; thanks.

Personally, I’m a long-time fan of 7zip, which comes with a super feature I sometimes forget about: after installation, you can right-click on any file and ask for the hash:

2 Likes

Indeed there are many ways of verifying that.

Only verifying the hash is not sufficient. It can’t protect you from MITM attach. So the full solution is to validate both the sha256 checksum and the PGP signature in the checksum file.

2 Likes

Thanks! You’re right, of course… but we can’t expect all of us Windows users to do that. If we can get them to check that SHA-256, they’re making a big improvement over what most of them do today.

2 Likes

yeah! Its a huge achievement for Bitcoin Gold.

i downloaded the wallet from this site. but the wallet is stuck and says it is connecting for peers…
the main problem is that i already sent some BCG to the wallet, and now it seems that i am stuck…
can anyone help me?

I’m sure others will reply soon to help you out with your connectivity problem. It will help if you give a little more detail - confirm which version of the Bitcoin Gold wallet you’re running (or when you downloaded it), what kind of computer (PC, Mac, Linux), confirm that you made sure your computer’s firewall is open so that the wallet can connect to other nodes, etc.

My Bitcoin Gold Core wallet shows that it’s currently connecting to the network just fine when I hover over the network connection icon in the lower-right corner (circled in green, here):

image

That was a curious choice to make, sending coin to a wallet address before the wallet software was fully up and running - but, regardless, the coin transaction happens on the blockchain, not in the wallet software. The wallet software just shows you the status on the chain. The coin you sent should be fine, as long as you sent it to a valid address.

You can look at your actual wallet balance on the chain in real-time by entering your public wallet address in the blockchain explorer, here. (Never share your private key with anyone.)

2 Likes

thanks. i downloaded the wallet a couple of days ago.
i know it was not very smart to transfer the coins… water under the bridge.
i can see the coin in the Blockchain explorer … so i believe we are fine. i just need to access it.
my computer shows 0 active connections. so i assume this is the problem… do i need to open a port on the network?
where can i see my private key?
thanks again.
shai

1 Like

What does “stuck” mean? Did it ever started to sync?

You can use the dumpprivkey command in the debug console to extract the key.

  1. Launch your Bitcoin Gold Wallet
  2. Click on ‘help’ in the menu bar
  3. Click on ‘debug window’
  4. Select the ‘console’ tab
  5. If your wallet is protected by a passphrase unlock it by typing walletpassphrase "your walletpassphrase" 600
  6. dumpprivkey “your BTG address”
    This will return the private key

If you don’t need the full node then go for ElectrumG (https://github.com/BTCGPU/electrum/releases) and import you private key there.

2 Likes

thanks, it started to Sync.
i will try to get the key. you certenally didn’t make life easy for someone who is not a computer expert…

To be fair, this was not our design - the wallet functions the same way as the Bitcoin Core Wallet: this is our fork of an industry-standard full-node wallet. While it is an Official wallet and is part of the backbone of the Bitcoin Gold infrastructure, it is not the best choice of wallet for a novice who does not want to learn more. There are consumer-oriented wallets which are probably better for that purpose.

Even if there are ample consumer-oriented wallets, there is still a need for a full-node wallet like this one - it’s just not for everyone’s specific situation.

2 Likes

Check SHA256 values, by using Certutil, utility, in Windows.

Step 1:
Download the latest version of Bitcoin Gold Wallet for Windows, from here:
https://bitcoingold.org/downloads/
*for this example, the downloaded file, named “bitcoin-gold-0.15.2-win64-setup.exe”, will be placed in “C:” (root drive).

Step 2:
Click “Start” and write: “cmd”

Step3:
Use Windows utility “certutil”, to check the SHA256 values, by writing this line of code, in the “cmd” window that just opened:

certutil -hashfile c:\bitcoin-gold-0.15.2-win64-setup.exe SHA256

Step4:
Download “SHA256SUMS.asc” file by clicking “Signed Checksums”, on the download internet page mentioned above.
(https://bitcoingold.org/downloads/)

Step5:
Open “SHA256SUMS.asc” file, with Notepad, or any other text editor.

Step 6:
Check that the values returned from the Certutil utility, match the values written in this file.

Results should look like this:

1 Like

How to scan a file for viruses Online:

use the internet website:
https://www.virustotal.com/gui/home/upload

(it uses over 40 Antivirus Search Engines to scan a file for viruses
Sigcheck - Windows Sysinternals | Microsoft Docs).

Step1:
Open the link mentioned above (VirusTotal).

Step 2:
Click “Choose file”.

Step 3:
Search your local hard-drive for the file you want scanned for viruses.
(it allows files of sizes up to 550MB)

Step 4:
Check results on the page that loads immediately after the virus-scan is complete.

Note:
Some antivirus search engines find viruses in “bitcoin-gold-0.15.0-win64-setup.exe”,
but also, if you hover the mouse over, the respective antivirus engine, there is a Warning:
“May Differ from Commercial off-the-shelf product…”
so maybe it’s NOT actually a virus,
it SORT of MIGHT BE,
but you have to BUY the antivirus,
to KNOW for sure.
i guess it’s some kind of disguised marketing,
and so i iGNORED those antivirus search engines. :slight_smile:

There are malware sites that either run miners in the browser background or else drop mining software on your computer as a payload, and they make your machine mine to their address.

Because of this kind of malware - and because of the use of hijacked computers into mining botnets - mining software and even Full Node software sometimes gets flagged as “malicious,” but it’s a false positive.


Thanks for the guide on how to confirm signatures - more people need to learn to check hashes and signatures on downloaded software, especially when in the crypto spaced.

1 Like