In the monerod in the monero-gui, there is a command `update download`, this only downloads the update? What does it download, the official package of monero-gui for the platfom (win32, the zip or the installer?) or only monerod itself? Is the download verified? Or does this only happen in the gui itself (found code there)?

It downloads the latest release as per the TXT records from getmonero.org. It checks it with the SHA256 included in those records. I believe it will be a zip file for windows. It will include the wallet binaries too, and some tools.

The GUI has a separate update function IIRC.

You should probably use that one. I do not know how to get to it though.

Girst, thank you very much for the answer! :) I was about to implement all by myself, but it's a bit hardcore learning C++/Qt6 and wasted already almost a day with Botan, so if the download in monerod is verified it saves a lot of work because I anyway control the process and stdin/stdout of monerod, then is only the question where the download will end up. In reality it would then also make sense to update all at once instead of only the monerod. The update

is a requirement of the bounty, so I will at least update the monerod automatically. Does the download end up in the same directory monerod is?

Probably either where monerod is, or its current cwd. The monero-gui update function probably retrieves both gui and daemon. Wait for someone who knows about this to show up and confirm/deny.

can I find old binaries on github?

found it there, hope it will not f... up my blockchain on going one version back...

It should not do so. Don't try the wallet binaries though. That is less solid.

perfect, thank you, will only check what monerod will do.

IIRC, if you have *update*:INFO in the logs (should be default I think), it will tell you where the verified download is saved.

(but, again, if using the GUI, I'd use the GUI update function to ensure you don't end up with mismatched versions of stuff)

I also made an updater which checks downloads against deterministic build sigs. I don't think anyone uses it though.

update check

Update available: v0.18.3.3: downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.3.tar.bz2, hash 47c7e6b4b88a57205800a2538065a7874174cd087eedc2526bee1ebcce0cc5e3

update download

2024-05-13 17:25:02.389 E Failed to connect to updates.getmonero.org/cli/monero-linux-x64-v0.18.3.3.tar.bz2

Error: Problem fetching info --

Seem not to work, although the link is correct, in the browser it downloads. Yeah, using the gui programatically for the update is a stretch, and I don't want to underdeliver, althoug I would prefer to update my things myself :D hate autoupdates and then suddenly something doesn't work anymore and you have no glue what (or that something changed).

with `monero-gui-v0.18.3.2/monerod --check-updates download` get the same error, just FYI.

If youve downloaded the gui as a zip, the update simply downloads the new files and places them in a folder of your choosing. Its up to you to then manually go there and run it. Basic but safer. Im not sure of the behaviour when you have installed the gui and you are in windows. Vthor strange you can download in browser but not gui.. proxy

settings? Hashes must be signed by 2 maintainers, luigi and bf monero-project/monero-gui #2832

monero-gui auto updater checks for sigantures and hash, monerod updater only for hash

Nope, don't use proxy. Same connection. Will try now again in a linux VM and additional in a win32 VM

though I'm not sure if the `update download` command in monerod is even properly implemented

I had no idea there was one xD

Does mooos script exist somewhere?

selsta: thank you very much, means that I need to get the verifier running, hope I can copy the most of that out of monero-gui then.

selsta: makes it sense then even check? Now I know I need anyway to implement it myself, the hashfile I anyway download already, only missing part is to verify the signature of the hash file (what is a bit headache for a absolute C++/Qt 6 beginner, I see already how this project bites in my a**).

It works fine, at least in the common case, it's been around for years now, and it's downloaded and verified various updates.

Bump logs to see what the issue is. I suggest 1,*download*:DEBUG,*update*:DEBUG.

plowsof: you mean the update program I mentioned above ?

Yes

If so, github.com/moneromooo-monero/monero-update. I think I never pushed the GUI support since the GUI decided to not check gitian sigs.

Ah nice, i assume this is what 'monerod update' should be

Well, it's a Qt GUI. Too complex to merge. And it downloads from github. Iffy for monerod.

I just noticed the mention of qt.. awesome

With win32 monerod it fails, too, but another error message, there it cannot open the downloaded zip... So I will give up then on this one, if it is not working, maybe it would be good to remove that parts in monerod cli and args.?

monermoo how you made the verification of the signature in that tool? Botan, OpenPGP, or something else? Can it be static linked? And how much headache it is to get it running on all three platforms?

monerod SHA256 hashes the downloaded file, and compares to the expected hash obtained from the TXT record.

If you mean my monero-update tool, it verifies the PGP signatures published on github by various well known members of the community, and IIRC requires at least two to match.

I think monero-update works on linux/windows/mac. People tried and reported it worked (possibly after I had to fix stuff).

Yeah, the hash and the dl link, not even verifying the hash is a big issue, but verifying the signature of the file with the hashes inside are a headache for me, yet.

Well, on the other side, can the hash and the download link monerod give on `update check` be trusted?

The dl link is built in monerod. The hash is obtained via DNSSEC, records are signed with a key that the monero core team has.

I believe you still got to trust the DNS anchor key and possibly others in the tree from anchor to core team, not 100% sure.

The dl link could be anything really, so MITM on the dl is irrelevant, since if the NSA gives you the right bytes, the joke's on them.

Unless they can give you weak bytes that switch to evil bytes when saved to disk \o/ OMG!

Well, but how I see DNSSEC is out of control from the monero core team as long the certs are not pinned on the client side, are they?

Heck, you always dick down on the root of trust only to figure out at the end there is no trust left over, you smash your device against the wall, burn it and walk away from civilization. Life sucks.

dig, not dick :D The heat makes me nuts.