Confirm your download matches the published release checksum and signature. Takes ~60 seconds.
HeliumDesktop_Integrity
7e461d51edf7a87ae3a060825ac961dc8d83111c8e59d229d51565d180175fbb
Drop your installer file to compare its SHA256 against the published release hash. Runs locally in your browser.
This SHA256 check runs locally in your browser. Your file is not uploaded.
This file matches the published release hash.
The file does not match the published release hash. Re-download from the official release source.
7e461d51edf7a87ae3a060825ac961dc8d83111c8e59d229d51565d180175fbb
v2.4.1 • Stable
Verification files are published concurrently with each release.
All cryptographic artifacts are uploaded alongside the installers for every release. Download them from the project release source only.
SHA256SUMS.txt
SHA256SUMS.txt.minisig
Use release assets published directly on the project's official GitHub Releases page.
Never trust direct executable links from third-party mirrors, reposts, chats, or shortened URLs.
Because this software interacts natively with private keys and Ledger hardware, supply chain defense starts with you.
Helps confirm the downloaded file matches the published release artifact.
Signature checks help verify the release came from the published project key.
Adds confidence that the file matches the release metadata published by this project.
This protects software integrity. It does not replace safe key storage, offline recovery phrase handling, or hardware wallet verification.
Fast resolutions for the most common verification blockers.
The computed hash does not equal the published checksum.
Wrong file, wrong version, or corrupted download.
Delete the installer. Re-download from the official release source. Compare the file against the matching release checksum only.
If it still mismatches after a clean re-download, stop and verify the release page.
Minisign returns a verification failure.
Wrong public key, wrong signature file, or mismatched release artifacts.
Ensure the .minisig file matches the same release and that the published project public key is exact.
If both hash and signature still fail, do not install.
Command not found in terminal.
Minisign utility is not installed locally.
brew install minisignInstall using your package manager or release binary.
Gatekeeper blocks the app after install.
macOS quarantine flag or unsigned/unapproved app bundle behavior.
xattr -cr /Applications/Helium\ Desktop.appOnly use this if you already verified the installer and understand what you are bypassing.
Windows protected your PC prompt appears.
Unknown publisher reputation on Windows.
If the hash and signature were verified successfully, click More info and then Run anyway.
If verification was not completed, do not bypass SmartScreen.
File downloads but does not launch.
AppImage is missing executable permission.
chmod +x HeliumDesktop.AppImageStill blocked? Re-check the release file, checksum, signature file, and public key before proceeding.
Clear answers to the most common verification concerns.
Download the installer, checksums, signature file, and public key from the published release source.
The release files match the published checksum and signature.