Verify your download
Every GrantLock release ships with the means to verify it came from us and arrived intact. You can confirm a download four independent ways — all of them offline. GrantLock does not phone home to verify anything; the proofs travel with the artifact.
1. Verify the checksum (integrity)
Each release publishes a SHA256SUMS manifest listing the SHA-256 of every artifact. Download it alongside your file and confirm the hash matches.
```
# Linux / macOS
sha256sum --check SHA256SUMS   # Linux
shasum -a 256 --check SHA256SUMS   # macOS

# Windows (PowerShell) -- prints the hash; compare it with the entry for that file in SHA256SUMS
Get-FileHash .\grantlock-<version>-windows.msi -Algorithm SHA256
```
A matching hash proves the bytes weren't altered in transit. It does not prove the manifest itself is genuine — for that, verify the Ed25519 signature on SHA256SUMS next.
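The manifest check done by hand, as an added example that is not GrantLock's own tooling: it parses the sha256sum(1) line format SHA256SUMS uses, gives every listed artifact a verdict instead of stopping at the first problem, and rejects malformed lines rather than skipping them. The artifact bytes and the manifest built from them are constructed here; in practice you read both from disk, and only after the Ed25519 signature on SHA256SUMS has verified.

```python
import hashlib
import hmac
import re

# One sha256sum(1) manifest line: 64 hex chars, a space, then either another
# space (text mode) or '*' (binary mode), then the artifact name.
LINE_RE = re.compile(r"^([0-9a-fA-F]{64}) [ *](\S.*)$")


def parse_sha256sums(manifest: bytes) -> dict:
    """Return {artifact name: expected lowercase hex digest}; reject malformed lines."""
    expected = {}
    for lineno, line in enumerate(manifest.decode("utf-8").splitlines(), 1):
        if not line.strip():
            continue  # tolerate blank lines only
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"SHA256SUMS line {lineno} is malformed: {line!r}")
        expected[m.group(2)] = m.group(1).lower()
    return expected


def verify_files(manifest: bytes, files: dict) -> dict:
    """files maps artifact name -> downloaded bytes. Every manifest entry gets a
    verdict: OK, MISMATCH (hash differs) or MISSING (artifact not present)."""
    report = {}
    for name, want in parse_sha256sums(manifest).items():
        data = files.get(name)
        if data is None:
            report[name] = "MISSING"
            continue
        got = hashlib.sha256(data).hexdigest()
        report[name] = "OK" if hmac.compare_digest(got, want) else "MISMATCH"
    return report


def all_ok(report: dict) -> bool:
    """Fail closed: an empty manifest or any non-OK verdict means do not install."""
    return bool(report) and all(v == "OK" for v in report.values())


# Constructed sample release: fake artifact bytes and a manifest built from them.
GOOD_FILES = {
    "grantlock-<version>.whl": b"constructed wheel contents",
    "grantlock-<version>-linux.deb": b"constructed deb contents",
}
MANIFEST = "".join(
    f"{hashlib.sha256(data).hexdigest()}  {name}\n" for name, data in GOOD_FILES.items()
).encode()
REPORT = verify_files(MANIFEST, GOOD_FILES)  # both entries "OK"
```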
2. Verify the Ed25519 signature on SHA256SUMS (release authenticity)
The SHA256SUMS manifest is itself signed with GrantLock's Ed25519 release key — the same in-house signing chain that protects the auto-updater manifest and license tokens. Verifying this signature proves the checksum list came from us, so the per-file checksums you just checked can be trusted. Each release publishes a detached signature SHA256SUMS.ed25519.sig (base64, one line) and the raw 32-byte public key SHA256SUMS.ed25519.pub. The signature is over the exact raw bytes of SHA256SUMS.
GrantLock's own tooling verifies this automatically — the first-run wizard and the auto-updater check it for you, fully offline. To verify it yourself with standard tools, this Python snippet uses the same cryptography library that produced the signature:
```bash
# Verifies SHA256SUMS against the detached Ed25519 signature + public key.
# Fully offline — no network, no key server.
python - <<'PY'
import base64
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PublicKey
from cryptography.exceptions import InvalidSignature

message = open("SHA256SUMS", "rb").read()  # signed bytes, exactly as shipped
sig = base64.b64decode(open("SHA256SUMS.ed25519.sig").read().strip())
pub_bytes = open("SHA256SUMS.ed25519.pub", "rb").read()  # raw 32 bytes

# key_id = first 4 bytes of the public key, hex — pin it against the published id.
print("key_id:", pub_bytes[:4].hex())
try:
    # from_public_bytes rejects anything that is not exactly 32 bytes
    Ed25519PublicKey.from_public_bytes(pub_bytes).verify(sig, message)
    print("OK: SHA256SUMS signature is valid")
except InvalidSignature:
    raise SystemExit("FAIL: SHA256SUMS signature did NOT verify")
PY
```
Ed25519 release key id
The Ed25519 release key is being provisioned. Its key_id and the stable public key will be published here when the first Ed25519-signed SHA256SUMS ships. Each release also carries its own SHA256SUMS.ed25519.pub alongside the signature — GrantLock never ships a fabricated key id.
3. Verify the Sigstore signature (provenance)
Wheels, the source distribution, the installer set, and every SBOM are signed with Sigstore keyless signing. The signature binds each artifact to the exact GitHub Actions workflow run that built it — there is no long-lived key to steal. Verify with cosign or the sigstore Python tool.
```bash
# With the sigstore Python tool
pip install sigstore
sigstore verify github \
  --bundle grantlock-<version>.whl.sigstore.json \
  --repository grantlock-ai/grantlock \
  --workflow ".github/workflows/release.yml" \
  grantlock-<version>.whl

# With cosign
cosign verify-blob \
  --bundle grantlock-<version>.whl.sigstore.json \
  --certificate-identity-regexp "https://github.com/grantlock-ai/grantlock/.github/workflows/.+" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  grantlock-<version>.whl
```
Full SBOM verification recipe lives on the SBOM page.
4. Verify the GPG signature (Linux packages)
Linux .deb and .rpm packages carry a detached GPG signature (.asc). Import the GrantLock release key, then verify.
```bash
# Import the GrantLock release public key
curl -fsSL https://grantlock.ai/release-key.asc | gpg --import

# Verify a package against its detached signature
gpg --verify grantlock-<version>-linux.deb.asc grantlock-<version>-linux.deb
```
GPG release key fingerprint
The GPG release key is being provisioned. Its fingerprint and the armored public key will be published here when the first GPG-signed Linux packages ship. Until then, Linux packages are distributed unsigned (verify them via the Ed25519, Sigstore, and SHA-256 checks above) — GrantLock never ships a fabricated signature.
What each layer proves
- SHA-256 checksum — the file wasn't corrupted or altered in transit (integrity).
- Ed25519 signature on SHA256SUMS — the checksum manifest was signed by GrantLock's release key, so the per-file hashes can be trusted (release authenticity). Same in-house chain that protects the auto-updater and license tokens.
- Sigstore signature — the file was built by GrantLock's published GitHub Actions pipeline, bound to the commit and workflow that produced it (provenance).
- GPG signature — Linux packages were signed by the GrantLock release key whose fingerprint is published above (authenticity).
- OS code-signing — Windows Authenticode and macOS notarization (Gatekeeper) are validated automatically by your operating system at install time.
GrantLock's open-source edition phones home to nothing; every verification step above runs entirely offline against material that travels with the download.