This tutorial applies to the verification of the following installation packages:

👉 If you want to authenticate with macOS

Make sure you have already downloaded the install package to your mac.

- Then download GPG file  https://web.onekey-asset.com/app-monorepo/assets/SHA256SUMS.asc

-  Open the command line tool and switch to the directory where the download file is located, e.g.

cd Downloads/

- Use the checksum tool to calculate the shasum value

shasum -a 256 --check SHA256SUMS.asc

-  Check the result; make sure the status of the DMG file you downloaded shows OK

-  If you have not previously installed GNU Privacy Guard (GPG) on your system, install

-  Get the Onekey signature public key

 gpg --keyserver keys.openpgp.org --recv-keys EB68AE544F1FDD8CD264624FB369A67A90BF387B

-  Verify the checksum file

gpg --verify SHA256SUMS.asc

- Verify the checksum result

👉 If you want to authenticate with Windows

- First download the windows installation package

- Then download the desktop client installation package GPG information verification file
https://web.onekey-asset.com/app-monorepo/assets/SHA256SUMS.asc

- Open the CMD and execute the commandcertutil -hashfile file path SHA256 where the file path is the address where the installation package is stored after download

- At this time, the command line prompts the current installation package sha256 results, and the second step to download the SHA256SUMS.asc file comparison, use notepad file to open this file, find the corresponding downloaded file to see if the comparison results are consistent

- Verify that the SHA256SUMS.asc file, is generated by the official OneKey team, this step requires the use of the gpg tool, if not previously installed, you will need to go to https://www.gnupg.org/download/index.en.html#binary to install it, it is recommended that you select the GnuPG installer marked in the image to install it.