Verify Releasechecksums, signatures, provenance

1. Checksum

Paste expected and actual SHA-256 values.

2. Signature command

python tools/verify_signature.py artifact.zip artifact.zip.sig
python tools/verify_provenance.py artifact.zip artifact.provenance.json

3. SBOM

Download the SBOM from the release and confirm dependency names match your build.

python tools/generate_sbom.py --out dist/netcoin-sbom.json

Release trust status

Loading health center…