https://bisq.wiki/api.php?action=feedcontributions&user=Ripcurlx&feedformat=atomBisq Wiki - User contributions [en]2024-03-28T13:47:59ZUser contributionsMediaWiki 1.34.0https://bisq.wiki/index.php?title=Downloading_and_installing&diff=3033Downloading and installing2022-10-31T14:52:50Z<p>Ripcurlx: /* macOS */</p>
<hr />
<div>To use Bisq, you must first '''[https://bisq.network/downloads/ download and install]''' it. Most exchanges are centralized exchanges running on servers controlled by the exchange. Bisq is decentralized, running only on the desktops of Bisq users.<br />
<br />
Bisq manages offers to trade using a peer-to-peer network. This is a global network made of users who are also running Bisq on their own computers.<br />
<br />
Centralized services are easy to monitor, block, and shut down, while peer-to-peer networks like BitTorrent, Bitcoin and Bisq are difficult to surveil, censor, shut down or hack.<br />
<br />
All of this means that if you want to use the Bisq network, you must download and run the software on your own machine.<br />
<br />
== Download Bisq ==<br />
<br />
The most convenient way to install Bisq on your machine is from a pre-built install file from the [https://bisq.network/downloads/ Bisq website] or [https://github.com/bisq-network/bisq/releases/latest latest GitHub release].<br />
<br />
There's also a community-maintained [https://snapcraft.io/bisq-desktop Snap package] for various Linux distributions.<br />
<br />
{{Admonition_Note|See [[#OS-specific_install_notes|install notes for various Linux distributions below]].}}<br />
<br />
You can download the installer for your operating system and install Bisq right away, but we strongly recommend that you [[ #Verify installer file | verify the integrity ]] of your installer file first.<br />
<br />
'''If you have issues, please check the ''Known issues with installation'' section in [https://github.com/bisq-network/bisq/releases/latest release notes].'''<br />
<br />
== Verify installer file ==<br />
<br />
Any software that manages funds, signs transactions, and deals with highly sensitive data is a prime target for malware. Bisq does all three. Therefore, it is highly recommended that you verify the integrity of the installer file you use to install Bisq.<br />
<br />
This verification is something that you should do for the initial Bisq install. After the initial install, you will be prompted to install updates through Bisq's interface. The Bisq software will verify the integrity of updates for you.<br />
<br />
Bisq installer files are currently built and signed by Christoph Atteneder (ripcurlx). His public key ID is <code>29CDFD3B</code> and fingerprint is <code>CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B</code>, which you can verify through [https://github.com/bisq-network/bisq/commits?author=ripcurlx commits on GitHub] and [https://keybase.io/ripcurlx on Keybase].<br />
<br />
The full public key is available [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
=== Obtain signature files for installer files ===<br />
<br />
To verify your installer file is intact and as the developer intended, you will need the PGP signature file corresponding to the installer file you downloaded.<br />
<br />
On the [https://bisq.network/downloads/ Bisq website's download page], download the PGP signature file for the installer file you downloaded before.<br />
<br />
If you prefer to download from GitHub, you will see the <code>.asc</code> file for your installer in the assets section [https://github.com/bisq-network/bisq/releases/latest of the release] along with the installer file itself.<br />
<br />
In either case, the filename for the <code>.asc</code> you download should be identical to the filename for the installer file, just with <code>.asc</code> appended (e.g., signature file for <code>Bisq-1.2.7.dmg</code> would be <code>Bisq-1.2.7.dmg.asc</code>).<br />
<br />
Once you've got the installer file and its corresponding signature file, proceed to the directions for your operating system below.<br />
<br />
=== Windows ===<br />
<br />
Once you have downloaded the installer file and corresponding signature file:<br />
<br />
'''Download ripcurlx's public key'''<br />
<br />
Download ripcurlx's public key [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
'''Download and install Gpg4win'''<br />
<br />
Windows does not come with GPG software installed by default, so you will need to install it in order to verify Bisq's installer files.<br />
<br />
You can get Gpg4win [https://www.gpg4win.org/ here].<br />
<br />
Double-click the installer file and proceed to install with all default settings.<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
In Kleopatra, import ripcurlx's public key file <code>29CDFD3B.asc</code>. Select ''No'' if asked to mark the certificate as valid.<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
With the <code>install-file.exe</code> and <code>signature-file.exe.asc</code> in the same directory, double-click on the <code>.exe.asc</code> file.<br />
<br />
You should see a Kleopatra window pop up with a green progress bar that says "Verified .exe with .exe.asc". The program will continue to say "The data could not be verified" in bold but you can disregard that message.<br />
<br />
This means the installer file we downloaded is intact and as intended. You can proceed to install Bisq by double-clicking the <code>.exe</code> file.<br />
<br />
=== macOS and Linux ===<br />
<br />
Once you've downloaded the installer file and corresponding signature file:<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
Run:<br />
<br />
<nowiki>curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import</nowiki><br />
<br />
You might see an ominous sounding warning along the lines of "This key is not certified with a trusted signature". This basically means that none of the public keys on your machine have signed the key you just imported. It also means that you have not explicitly indicated you trust this key yourself. This is not necessarily a bad thing, but please see more about what this means [https://serverfault.com/a/569923 here]. In short, you can verify the integrity of this key by [[ #Verify installer file | cross-referencing ripcurlx's Bisq commit signatures and Keybase profile]].<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
If you are not familiar with GPG (a free open source version of PGP) you probably need to install GPG command line tools first.<br />
Following instructions are taken from https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line.<br />
<br />
The easiest way to install the GPG command line tools on your Mac is to first install Homebrew, a package management system that makes thousands of software packages available for install on your Mac.<br />
<br />
Open a Terminal window (Applications > Utilities menu), then enter the following command.<br />
<br />
<nowiki>ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" </nowiki><br />
<br />
When that’s complete, install the GPG software package with the following command.<br />
<nowiki>brew install gnupg </nowiki><br />
<br />
With the installer file and installer signature file in the same directory, run:<br />
<br />
<nowiki>gpg --digest-algo SHA256 --verify SIGNATURE-FILE.asc </nowiki><br />
<br />
Where <code>SIGNATURE-FILE.asc</code> is the filename of the <code>.asc</code> file you just downloaded.<br />
<br />
'''Common errors'''<br />
<br />
gpg: directory '/Users/bisq/.gnupg' created<br />
gpg: keybox '/Users/bisq/.gnupg/pubring.kbx' created<br />
gpg: can't open 'SIGNATURE-FILE.asc': No such file or directory<br />
gpg: verify signatures failed: No such file or directory<br />
<br />
In this case, you haven't replaced <code>SIGNATURE-FILE.asc</code> with the actual signature file you want to use e.g. <code>Bisq-1.6.4.dmg.asc</code><br />
<br />
gpg: can't open 'Bisq-1.6.4.dmg.asc': No such file or directory<br />
<br />
In this case, you either haven't downloaded the signature file already or you are not in the correct directory. You can run <code>pwd</code> to see the path you are in.<br />
If you want to switch to the directory, where the downloaded files are you can use the [https://www.git-tower.com/learn/git/ebook/en/command-line/appendix/command-line-101/#:~:text=It%20will%20return%20the%20path,%24%20cd%20.. `cd` command] and switch to the correct directory by typing e.g. <code>cd ~/Downloads</code>(switching to the download directory on macOS). To list all files in the current directory you can enter <code>ls -la</code> in your console. <br />
<br />
gpg: assuming signed data in 'Bisq-1.6.4.dmg'<br />
gpg: Signature made Thu May 6 13:32:43 2021 EDT<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer "christoph.atteneder@gmail.com"<br />
gpg: Can't check signature: No public key</nowiki><br />
<br />
In this case, you have not imported the public key successfully. Please follow the guide above on how to import the public key for verification.<br />
<br />
'''Successful verification'''<br />
<br />
You should see output that looks something like:<br />
<br />
gpg: Signature made Thu 13 Feb 2020 01:38:03 PM EST<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer ...<br />
gpg: Good signature from "Christoph Atteneder ..."<br />
<br />
Great, this means the installer file we downloaded is intact and as intended.<br />
<br />
'''Verify jar file after installation'''<br />
<br />
As one last check, you can verify the hash of the jar file after installing Bisq.<br />
<br />
On macOS, the default location of the jar file is:<br />
<br />
/Applications/Bisq.app/Contents/Java/<br />
<br />
On Linux, the default location of the jar file is:<br />
<br />
/opt/bisq/bin/Bisq<br />
<br />
or also<br />
<br />
/opt/bisq/lib/app/<br />
<br />
If you cannot find the jar file in the locations above in Linux, you can try finding it by running<br />
<br />
find / -name "desktop*.jar"<br />
<br />
Get the hash of the jar file with:<br />
<br />
shasum -a256 /path/to/jar/file/jar-name.jar<br />
<br />
The hash you get should match the hash in the <code>.jar.txt</code> file in the [https://github.com/bisq-network/bisq/releases/latest release assets].<br />
<br />
== Build from source ==<br />
<br />
[https://github.com/bisq-network/bisq/blob/master/docs/build.md Building Bisq from source] requires only a single command once you have the correct JDK installed on your machine. <br />
<br />
Finding and installing the correct JDK can sometimes be frustrating, so Bisq's developers have written scripts to make it easier:<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.sh For Linux and macOS]<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.bat For Windows]<br />
<br />
== OS-specific install notes ==<br />
<br />
=== macOS ===<br />
<br />
Starting with version v1.9.6, we remove notarization from our build pipeline because of of the risk of Apple certification revocation (see https://github.com/bisq-network/bisq/discussions/6341). Unfortunately this will require extra steps when installing Bisq on macOS.<br />
<br />
Please follow the guide at https://support.apple.com/en-us/HT202491 in the section ''If you want to open an app that hasn’t been notarized or is from an unidentified developer''<br />
<br />
If you are running already macOS Ventura (13.0+) you need to do following to be able to start Bisq:<br />
* enter following command in Apple Terminal <code>sudo xattr -rd com.apple.quarantine /Applications/Bisq.app</code><br />
* hit enter and you will be prompted to enter your password to be able to execute the command as super user<br />
<br />
After running this successfully you should be able to start Bisq as always.<br />
<br />
=== Windows ===<br />
<br />
Starting with version v1.9.6, we remove the developer code signing because of the same reason as with Apple.<br />
<br />
For Windows you just have to ignore the warning after you have verified the installation file yourself and proceed with the installation.<br />
<br />
=== Linux (General) ===<br />
<br />
Bisq works with a number of Linux distros, but not all desktop environments are supported. <br />
<br />
These are all known compatible desktop environments. This is a growing list. If you find another compatible desktop, please inform us so it can be added.<br />
<br />
* GNOME<br />
* Mate<br />
* Xfce<br />
* KDE Plasma<br />
* Cinnamon<br />
<br />
Bisq might not work properly if you switch from the original desktop environment of your Linux distribution to a different one.<br />
<br />
Note: users with discrete GPUs may encounter issues launching Bisq in some desktop environments.<br />
<br />
=== Arch Linux ===<br />
<br />
The Bisq [https://bisq.network/downloads/ downloads page] includes a link to the Arch User Repository (AUR) page for the [https://aur.archlinux.org/packages/bisq/ bisq package].<br />
<br />
# From the command line, clone the repository from AUR. <br />
# Then from the cloned directory, run <code>makepkg -si</code>. This will read the PKGBUILD file to download, verify, build, and install the various tools necessary to install Bisq.<br />
<br />
If the version found on AUR is not up to date, you can read [[Fix_Arch_release]].<br />
<br />
Please be advised: when you're using AUR, you're responsible for your own safety. Be sure to verify the PKGBUILD file.<br />
<br />
=== Gentoo ===<br />
<br />
Use <code>eselect repository enable booboo</code> to use the 'booboo' overlay which carries the binaries, and then emerge <code>bisq</code><br />
<br />
=== Tails ===<br />
<br />
Please see [[Running Bisq on Tails]] for details on downloading, installing, and configuring Bisq on Tails.<br />
<br />
=== Qubes ===<br />
<br />
Please see [[Running Bisq on Qubes]] for a detailed Qubes setup guide.<br />
<br />
== Update Bisq ==<br />
<br />
Installing a new Bisq version will update Bisq. More details at [[Updating Bisq]].<br />
<br />
<br />
[[Category:Use Cases]]</div>Ripcurlxhttps://bisq.wiki/index.php?title=Downloading_and_installing&diff=3032Downloading and installing2022-10-31T14:51:47Z<p>Ripcurlx: /* macOS */</p>
<hr />
<div>To use Bisq, you must first '''[https://bisq.network/downloads/ download and install]''' it. Most exchanges are centralized exchanges running on servers controlled by the exchange. Bisq is decentralized, running only on the desktops of Bisq users.<br />
<br />
Bisq manages offers to trade using a peer-to-peer network. This is a global network made of users who are also running Bisq on their own computers.<br />
<br />
Centralized services are easy to monitor, block, and shut down, while peer-to-peer networks like BitTorrent, Bitcoin and Bisq are difficult to surveil, censor, shut down or hack.<br />
<br />
All of this means that if you want to use the Bisq network, you must download and run the software on your own machine.<br />
<br />
== Download Bisq ==<br />
<br />
The most convenient way to install Bisq on your machine is from a pre-built install file from the [https://bisq.network/downloads/ Bisq website] or [https://github.com/bisq-network/bisq/releases/latest latest GitHub release].<br />
<br />
There's also a community-maintained [https://snapcraft.io/bisq-desktop Snap package] for various Linux distributions.<br />
<br />
{{Admonition_Note|See [[#OS-specific_install_notes|install notes for various Linux distributions below]].}}<br />
<br />
You can download the installer for your operating system and install Bisq right away, but we strongly recommend that you [[ #Verify installer file | verify the integrity ]] of your installer file first.<br />
<br />
'''If you have issues, please check the ''Known issues with installation'' section in [https://github.com/bisq-network/bisq/releases/latest release notes].'''<br />
<br />
== Verify installer file ==<br />
<br />
Any software that manages funds, signs transactions, and deals with highly sensitive data is a prime target for malware. Bisq does all three. Therefore, it is highly recommended that you verify the integrity of the installer file you use to install Bisq.<br />
<br />
This verification is something that you should do for the initial Bisq install. After the initial install, you will be prompted to install updates through Bisq's interface. The Bisq software will verify the integrity of updates for you.<br />
<br />
Bisq installer files are currently built and signed by Christoph Atteneder (ripcurlx). His public key ID is <code>29CDFD3B</code> and fingerprint is <code>CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B</code>, which you can verify through [https://github.com/bisq-network/bisq/commits?author=ripcurlx commits on GitHub] and [https://keybase.io/ripcurlx on Keybase].<br />
<br />
The full public key is available [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
=== Obtain signature files for installer files ===<br />
<br />
To verify your installer file is intact and as the developer intended, you will need the PGP signature file corresponding to the installer file you downloaded.<br />
<br />
On the [https://bisq.network/downloads/ Bisq website's download page], download the PGP signature file for the installer file you downloaded before.<br />
<br />
If you prefer to download from GitHub, you will see the <code>.asc</code> file for your installer in the assets section [https://github.com/bisq-network/bisq/releases/latest of the release] along with the installer file itself.<br />
<br />
In either case, the filename for the <code>.asc</code> you download should be identical to the filename for the installer file, just with <code>.asc</code> appended (e.g., signature file for <code>Bisq-1.2.7.dmg</code> would be <code>Bisq-1.2.7.dmg.asc</code>).<br />
<br />
Once you've got the installer file and its corresponding signature file, proceed to the directions for your operating system below.<br />
<br />
=== Windows ===<br />
<br />
Once you have downloaded the installer file and corresponding signature file:<br />
<br />
'''Download ripcurlx's public key'''<br />
<br />
Download ripcurlx's public key [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
'''Download and install Gpg4win'''<br />
<br />
Windows does not come with GPG software installed by default, so you will need to install it in order to verify Bisq's installer files.<br />
<br />
You can get Gpg4win [https://www.gpg4win.org/ here].<br />
<br />
Double-click the installer file and proceed to install with all default settings.<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
In Kleopatra, import ripcurlx's public key file <code>29CDFD3B.asc</code>. Select ''No'' if asked to mark the certificate as valid.<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
With the <code>install-file.exe</code> and <code>signature-file.exe.asc</code> in the same directory, double-click on the <code>.exe.asc</code> file.<br />
<br />
You should see a Kleopatra window pop up with a green progress bar that says "Verified .exe with .exe.asc". The program will continue to say "The data could not be verified" in bold but you can disregard that message.<br />
<br />
This means the installer file we downloaded is intact and as intended. You can proceed to install Bisq by double-clicking the <code>.exe</code> file.<br />
<br />
=== macOS and Linux ===<br />
<br />
Once you've downloaded the installer file and corresponding signature file:<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
Run:<br />
<br />
<nowiki>curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import</nowiki><br />
<br />
You might see an ominous sounding warning along the lines of "This key is not certified with a trusted signature". This basically means that none of the public keys on your machine have signed the key you just imported. It also means that you have not explicitly indicated you trust this key yourself. This is not necessarily a bad thing, but please see more about what this means [https://serverfault.com/a/569923 here]. In short, you can verify the integrity of this key by [[ #Verify installer file | cross-referencing ripcurlx's Bisq commit signatures and Keybase profile]].<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
If you are not familiar with GPG (a free open source version of PGP) you probably need to install GPG command line tools first.<br />
Following instructions are taken from https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line.<br />
<br />
The easiest way to install the GPG command line tools on your Mac is to first install Homebrew, a package management system that makes thousands of software packages available for install on your Mac.<br />
<br />
Open a Terminal window (Applications > Utilities menu), then enter the following command.<br />
<br />
<nowiki>ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" </nowiki><br />
<br />
When that’s complete, install the GPG software package with the following command.<br />
<nowiki>brew install gnupg </nowiki><br />
<br />
With the installer file and installer signature file in the same directory, run:<br />
<br />
<nowiki>gpg --digest-algo SHA256 --verify SIGNATURE-FILE.asc </nowiki><br />
<br />
Where <code>SIGNATURE-FILE.asc</code> is the filename of the <code>.asc</code> file you just downloaded.<br />
<br />
'''Common errors'''<br />
<br />
gpg: directory '/Users/bisq/.gnupg' created<br />
gpg: keybox '/Users/bisq/.gnupg/pubring.kbx' created<br />
gpg: can't open 'SIGNATURE-FILE.asc': No such file or directory<br />
gpg: verify signatures failed: No such file or directory<br />
<br />
In this case, you haven't replaced <code>SIGNATURE-FILE.asc</code> with the actual signature file you want to use e.g. <code>Bisq-1.6.4.dmg.asc</code><br />
<br />
gpg: can't open 'Bisq-1.6.4.dmg.asc': No such file or directory<br />
<br />
In this case, you either haven't downloaded the signature file already or you are not in the correct directory. You can run <code>pwd</code> to see the path you are in.<br />
If you want to switch to the directory, where the downloaded files are you can use the [https://www.git-tower.com/learn/git/ebook/en/command-line/appendix/command-line-101/#:~:text=It%20will%20return%20the%20path,%24%20cd%20.. `cd` command] and switch to the correct directory by typing e.g. <code>cd ~/Downloads</code>(switching to the download directory on macOS). To list all files in the current directory you can enter <code>ls -la</code> in your console. <br />
<br />
gpg: assuming signed data in 'Bisq-1.6.4.dmg'<br />
gpg: Signature made Thu May 6 13:32:43 2021 EDT<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer "christoph.atteneder@gmail.com"<br />
gpg: Can't check signature: No public key</nowiki><br />
<br />
In this case, you have not imported the public key successfully. Please follow the guide above on how to import the public key for verification.<br />
<br />
'''Successful verification'''<br />
<br />
You should see output that looks something like:<br />
<br />
gpg: Signature made Thu 13 Feb 2020 01:38:03 PM EST<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer ...<br />
gpg: Good signature from "Christoph Atteneder ..."<br />
<br />
Great, this means the installer file we downloaded is intact and as intended.<br />
<br />
'''Verify jar file after installation'''<br />
<br />
As one last check, you can verify the hash of the jar file after installing Bisq.<br />
<br />
On macOS, the default location of the jar file is:<br />
<br />
/Applications/Bisq.app/Contents/Java/<br />
<br />
On Linux, the default location of the jar file is:<br />
<br />
/opt/bisq/bin/Bisq<br />
<br />
or also<br />
<br />
/opt/bisq/lib/app/<br />
<br />
If you cannot find the jar file in the locations above in Linux, you can try finding it by running<br />
<br />
find / -name "desktop*.jar"<br />
<br />
Get the hash of the jar file with:<br />
<br />
shasum -a256 /path/to/jar/file/jar-name.jar<br />
<br />
The hash you get should match the hash in the <code>.jar.txt</code> file in the [https://github.com/bisq-network/bisq/releases/latest release assets].<br />
<br />
== Build from source ==<br />
<br />
[https://github.com/bisq-network/bisq/blob/master/docs/build.md Building Bisq from source] requires only a single command once you have the correct JDK installed on your machine. <br />
<br />
Finding and installing the correct JDK can sometimes be frustrating, so Bisq's developers have written scripts to make it easier:<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.sh For Linux and macOS]<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.bat For Windows]<br />
<br />
== OS-specific install notes ==<br />
<br />
=== macOS ===<br />
<br />
Starting with version v1.9.6, we remove notarization from our build pipeline because of of the risk of Apple certification revocation (see https://github.com/bisq-network/bisq/discussions/6341). Unfortunately this will require extra steps when installing Bisq on macOS.<br />
<br />
Please follow the guide at https://support.apple.com/en-us/HT202491 in the section ''If you want to open an app that hasn’t been notarized or is from an unidentified developer''<br />
<br />
If you are running already macOS Ventura (13.0+) you need to do following to be able to start Bisq:<br />
- enter following command in Apple Terminal <code>sudo xattr -rd com.apple.quarantine /Applications/Bisq.app</code><br />
- hit enter and you will be prompted to enter your password to be able to execute the command as super user<br />
<br />
After running this successfully you should be able to run Bisq as always.<br />
<br />
=== Windows ===<br />
<br />
Starting with version v1.9.6, we remove the developer code signing because of the same reason as with Apple.<br />
<br />
For Windows you just have to ignore the warning after you have verified the installation file yourself and proceed with the installation.<br />
<br />
=== Linux (General) ===<br />
<br />
Bisq works with a number of Linux distros, but not all desktop environments are supported. <br />
<br />
These are all known compatible desktop environments. This is a growing list. If you find another compatible desktop, please inform us so it can be added.<br />
<br />
* GNOME<br />
* Mate<br />
* Xfce<br />
* KDE Plasma<br />
* Cinnamon<br />
<br />
Bisq might not work properly if you switch from the original desktop environment of your Linux distribution to a different one.<br />
<br />
Note: users with discrete GPUs may encounter issues launching Bisq in some desktop environments.<br />
<br />
=== Arch Linux ===<br />
<br />
The Bisq [https://bisq.network/downloads/ downloads page] includes a link to the Arch User Repository (AUR) page for the [https://aur.archlinux.org/packages/bisq/ bisq package].<br />
<br />
# From the command line, clone the repository from AUR. <br />
# Then from the cloned directory, run <code>makepkg -si</code>. This will read the PKGBUILD file to download, verify, build, and install the various tools necessary to install Bisq.<br />
<br />
If the version found on AUR is not up to date, you can read [[Fix_Arch_release]].<br />
<br />
Please be advised: when you're using AUR, you're responsible for your own safety. Be sure to verify the PKGBUILD file.<br />
<br />
=== Gentoo ===<br />
<br />
Use <code>eselect repository enable booboo</code> to use the 'booboo' overlay which carries the binaries, and then emerge <code>bisq</code><br />
<br />
=== Tails ===<br />
<br />
Please see [[Running Bisq on Tails]] for details on downloading, installing, and configuring Bisq on Tails.<br />
<br />
=== Qubes ===<br />
<br />
Please see [[Running Bisq on Qubes]] for a detailed Qubes setup guide.<br />
<br />
== Update Bisq ==<br />
<br />
Installing a new Bisq version will update Bisq. More details at [[Updating Bisq]].<br />
<br />
<br />
[[Category:Use Cases]]</div>Ripcurlxhttps://bisq.wiki/index.php?title=Downloading_and_installing&diff=3031Downloading and installing2022-10-26T18:15:03Z<p>Ripcurlx: /* OS-specific install notes */</p>
<hr />
<div>To use Bisq, you must first '''[https://bisq.network/downloads/ download and install]''' it. Most exchanges are centralized exchanges running on servers controlled by the exchange. Bisq is decentralized, running only on the desktops of Bisq users.<br />
<br />
Bisq manages offers to trade using a peer-to-peer network. This is a global network made of users who are also running Bisq on their own computers.<br />
<br />
Centralized services are easy to monitor, block, and shut down, while peer-to-peer networks like BitTorrent, Bitcoin and Bisq are difficult to surveil, censor, shut down or hack.<br />
<br />
All of this means that if you want to use the Bisq network, you must download and run the software on your own machine.<br />
<br />
== Download Bisq ==<br />
<br />
The most convenient way to install Bisq on your machine is from a pre-built install file from the [https://bisq.network/downloads/ Bisq website] or [https://github.com/bisq-network/bisq/releases/latest latest GitHub release].<br />
<br />
There's also a community-maintained [https://snapcraft.io/bisq-desktop Snap package] for various Linux distributions.<br />
<br />
{{Admonition_Note|See [[#OS-specific_install_notes|install notes for various Linux distributions below]].}}<br />
<br />
You can download the installer for your operating system and install Bisq right away, but we strongly recommend that you [[ #Verify installer file | verify the integrity ]] of your installer file first.<br />
<br />
'''If you have issues, please check the ''Known issues with installation'' section in [https://github.com/bisq-network/bisq/releases/latest release notes].'''<br />
<br />
== Verify installer file ==<br />
<br />
Any software that manages funds, signs transactions, and deals with highly sensitive data is a prime target for malware. Bisq does all three. Therefore, it is highly recommended that you verify the integrity of the installer file you use to install Bisq.<br />
<br />
This verification is something that you should do for the initial Bisq install. After the initial install, you will be prompted to install updates through Bisq's interface. The Bisq software will verify the integrity of updates for you.<br />
<br />
Bisq installer files are currently built and signed by Christoph Atteneder (ripcurlx). His public key ID is <code>29CDFD3B</code> and fingerprint is <code>CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B</code>, which you can verify through [https://github.com/bisq-network/bisq/commits?author=ripcurlx commits on GitHub] and [https://keybase.io/ripcurlx on Keybase].<br />
<br />
The full public key is available [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
=== Obtain signature files for installer files ===<br />
<br />
To verify your installer file is intact and as the developer intended, you will need the PGP signature file corresponding to the installer file you downloaded.<br />
<br />
On the [https://bisq.network/downloads/ Bisq website's download page], download the PGP signature file for the installer file you downloaded before.<br />
<br />
If you prefer to download from GitHub, you will see the <code>.asc</code> file for your installer in the assets section [https://github.com/bisq-network/bisq/releases/latest of the release] along with the installer file itself.<br />
<br />
In either case, the filename for the <code>.asc</code> you download should be identical to the filename for the installer file, just with <code>.asc</code> appended (e.g., signature file for <code>Bisq-1.2.7.dmg</code> would be <code>Bisq-1.2.7.dmg.asc</code>).<br />
<br />
Once you've got the installer file and its corresponding signature file, proceed to the directions for your operating system below.<br />
<br />
=== Windows ===<br />
<br />
Once you have downloaded the installer file and corresponding signature file:<br />
<br />
'''Download ripcurlx's public key'''<br />
<br />
Download ripcurlx's public key [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
'''Download and install Gpg4win'''<br />
<br />
Windows does not come with GPG software installed by default, so you will need to install it in order to verify Bisq's installer files.<br />
<br />
You can get Gpg4win [https://www.gpg4win.org/ here].<br />
<br />
Double-click the installer file and proceed to install with all default settings.<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
In Kleopatra, import ripcurlx's public key file <code>29CDFD3B.asc</code>. Select ''No'' if asked to mark the certificate as valid.<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
With the <code>install-file.exe</code> and <code>signature-file.exe.asc</code> in the same directory, double-click on the <code>.exe.asc</code> file.<br />
<br />
You should see a Kleopatra window pop up with a green progress bar that says "Verified .exe with .exe.asc". The program will continue to say "The data could not be verified" in bold but you can disregard that message.<br />
<br />
This means the installer file we downloaded is intact and as intended. You can proceed to install Bisq by double-clicking the <code>.exe</code> file.<br />
<br />
=== macOS and Linux ===<br />
<br />
Once you've downloaded the installer file and corresponding signature file:<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
Run:<br />
<br />
<nowiki>curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import</nowiki><br />
<br />
You might see an ominous sounding warning along the lines of "This key is not certified with a trusted signature". This basically means that none of the public keys on your machine have signed the key you just imported. It also means that you have not explicitly indicated you trust this key yourself. This is not necessarily a bad thing, but please see more about what this means [https://serverfault.com/a/569923 here]. In short, you can verify the integrity of this key by [[ #Verify installer file | cross-referencing ripcurlx's Bisq commit signatures and Keybase profile]].<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
If you are not familiar with GPG (a free open source version of PGP) you probably need to install GPG command line tools first.<br />
Following instructions are taken from https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line.<br />
<br />
The easiest way to install the GPG command line tools on your Mac is to first install Homebrew, a package management system that makes thousands of software packages available for install on your Mac.<br />
<br />
Open a Terminal window (Applications > Utilities menu), then enter the following command.<br />
<br />
<nowiki>ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" </nowiki><br />
<br />
When that’s complete, install the GPG software package with the following command.<br />
<nowiki>brew install gnupg </nowiki><br />
<br />
With the installer file and installer signature file in the same directory, run:<br />
<br />
<nowiki>gpg --digest-algo SHA256 --verify SIGNATURE-FILE.asc </nowiki><br />
<br />
Where <code>SIGNATURE-FILE.asc</code> is the filename of the <code>.asc</code> file you just downloaded.<br />
<br />
'''Common errors'''<br />
<br />
gpg: directory '/Users/bisq/.gnupg' created<br />
gpg: keybox '/Users/bisq/.gnupg/pubring.kbx' created<br />
gpg: can't open 'SIGNATURE-FILE.asc': No such file or directory<br />
gpg: verify signatures failed: No such file or directory<br />
<br />
In this case, you haven't replaced <code>SIGNATURE-FILE.asc</code> with the actual signature file you want to use e.g. <code>Bisq-1.6.4.dmg.asc</code><br />
<br />
gpg: can't open 'Bisq-1.6.4.dmg.asc': No such file or directory<br />
<br />
In this case, you either haven't downloaded the signature file already or you are not in the correct directory. You can run <code>pwd</code> to see the path you are in.<br />
If you want to switch to the directory, where the downloaded files are you can use the [https://www.git-tower.com/learn/git/ebook/en/command-line/appendix/command-line-101/#:~:text=It%20will%20return%20the%20path,%24%20cd%20.. `cd` command] and switch to the correct directory by typing e.g. <code>cd ~/Downloads</code>(switching to the download directory on macOS). To list all files in the current directory you can enter <code>ls -la</code> in your console. <br />
<br />
gpg: assuming signed data in 'Bisq-1.6.4.dmg'<br />
gpg: Signature made Thu May 6 13:32:43 2021 EDT<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer "christoph.atteneder@gmail.com"<br />
gpg: Can't check signature: No public key</nowiki><br />
<br />
In this case, you have not imported the public key successfully. Please follow the guide above on how to import the public key for verification.<br />
<br />
'''Successful verification'''<br />
<br />
You should see output that looks something like:<br />
<br />
gpg: Signature made Thu 13 Feb 2020 01:38:03 PM EST<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer ...<br />
gpg: Good signature from "Christoph Atteneder ..."<br />
<br />
Great, this means the installer file we downloaded is intact and as intended.<br />
<br />
'''Verify jar file after installation'''<br />
<br />
As one last check, you can verify the hash of the jar file after installing Bisq.<br />
<br />
On macOS, the default location of the jar file is:<br />
<br />
/Applications/Bisq.app/Contents/Java/<br />
<br />
On Linux, the default location of the jar file is:<br />
<br />
/opt/bisq/bin/Bisq<br />
<br />
or also<br />
<br />
/opt/bisq/lib/app/<br />
<br />
If you cannot find the jar file in the locations above in Linux, you can try finding it by running<br />
<br />
find / -name "desktop*.jar"<br />
<br />
Get the hash of the jar file with:<br />
<br />
shasum -a256 /path/to/jar/file/jar-name.jar<br />
<br />
The hash you get should match the hash in the <code>.jar.txt</code> file in the [https://github.com/bisq-network/bisq/releases/latest release assets].<br />
<br />
== Build from source ==<br />
<br />
[https://github.com/bisq-network/bisq/blob/master/docs/build.md Building Bisq from source] requires only a single command once you have the correct JDK installed on your machine. <br />
<br />
Finding and installing the correct JDK can sometimes be frustrating, so Bisq's developers have written scripts to make it easier:<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.sh For Linux and macOS]<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.bat For Windows]<br />
<br />
== OS-specific install notes ==<br />
<br />
=== macOS ===<br />
<br />
Starting with version v1.9.6, we remove notarization from our build pipeline because of of the risk of Apple certification revocation (see https://github.com/bisq-network/bisq/discussions/6341). Unfortunately this will require extra steps when installing Bisq on macOS.<br />
<br />
Please follow the guide at https://support.apple.com/en-us/HT202491 in the section ''If you want to open an app that hasn’t been notarized or is from an unidentified developer''<br />
<br />
=== Windows ===<br />
<br />
Starting with version v1.9.6, we remove the developer code signing because of the same reason as with Apple.<br />
<br />
For Windows you just have to ignore the warning after you have verified the installation file yourself and proceed with the installation.<br />
<br />
=== Linux (General) ===<br />
<br />
Bisq works with a number of Linux distros, but not all desktop environments are supported. <br />
<br />
These are all known compatible desktop environments. This is a growing list. If you find another compatible desktop, please inform us so it can be added.<br />
<br />
* GNOME<br />
* Mate<br />
* Xfce<br />
* KDE Plasma<br />
* Cinnamon<br />
<br />
Bisq might not work properly if you switch from the original desktop environment of your Linux distribution to a different one.<br />
<br />
Note: users with discrete GPUs may encounter issues launching Bisq in some desktop environments.<br />
<br />
=== Arch Linux ===<br />
<br />
The Bisq [https://bisq.network/downloads/ downloads page] includes a link to the Arch User Repository (AUR) page for the [https://aur.archlinux.org/packages/bisq/ bisq package].<br />
<br />
# From the command line, clone the repository from AUR. <br />
# Then from the cloned directory, run <code>makepkg -si</code>. This will read the PKGBUILD file to download, verify, build, and install the various tools necessary to install Bisq.<br />
<br />
If the version found on AUR is not up to date, you can read [[Fix_Arch_release]].<br />
<br />
Please be advised: when you're using AUR, you're responsible for your own safety. Be sure to verify the PKGBUILD file.<br />
<br />
=== Gentoo ===<br />
<br />
Use <code>eselect repository enable booboo</code> to use the 'booboo' overlay which carries the binaries, and then emerge <code>bisq</code><br />
<br />
=== Tails ===<br />
<br />
Please see [[Running Bisq on Tails]] for details on downloading, installing, and configuring Bisq on Tails.<br />
<br />
=== Qubes ===<br />
<br />
Please see [[Running Bisq on Qubes]] for a detailed Qubes setup guide.<br />
<br />
== Update Bisq ==<br />
<br />
Installing a new Bisq version will update Bisq. More details at [[Updating Bisq]].<br />
<br />
<br />
[[Category:Use Cases]]</div>Ripcurlxhttps://bisq.wiki/index.php?title=Downloading_and_installing&diff=2262Downloading and installing2021-05-26T08:32:28Z<p>Ripcurlx: /* Verify installer file */</p>
<hr />
<div>To use Bisq, you must first '''download and install''' it. Unlike most exchanges, Bisq doesn’t run a centralized server for making and taking offers, so trading on a website isn't possible.<br />
<br />
Instead, Bisq manages offers to trade using a peer-to-peer network—a global network of people who are also running Bisq on their own computers.<br />
<br />
This is good news for you as a user, because centralized services are easy to monitor, block, and shut down, while peer-to-peer networks like BitTorrent, Bitcoin and Bisq are difficult to surveil, censor, and hack.<br />
<br />
All of this means that if you want to use the Bisq network, you’ve got to download and run the software too!<br />
<br />
== Download Bisq ==<br />
<br />
The most convenient way to install Bisq on your machine is from a pre-built install file from the [https://bisq.network/downloads/ Bisq website] or [https://github.com/bisq-network/bisq/releases/latest latest GitHub release].<br />
<br />
There's also a community-maintained [https://snapcraft.io/bisq-desktop Snap package] for various Linux distributions.<br />
<br />
{{Admonition_Note|See [[#OS-specific_install_notes|install notes for various Linux distributions below]].}}<br />
<br />
You can download the installer for your operating system and install Bisq right away, but we strongly recommend that you [[ #Verify installer file | verify the integrity ]] of your installer file first.<br />
<br />
'''If you have issues, please check the ''Known issues with installation'' section in [https://github.com/bisq-network/bisq/releases/latest release notes].'''<br />
<br />
== Verify installer file ==<br />
<br />
Any software that manages funds, signs transactions, and deals with highly sensitive data is a prime target for malware. Bisq does all 3. Therefore it's highly recommended that you verify the integrity of the installer file you use to install Bisq.<br />
<br />
This is just something you should do for the initial Bisq install—afterward, when updates to Bisq are available, you'll be prompted to download and install them through Bisq's interface, and the software will verify the integrity of updates for you.<br />
<br />
Bisq installer files are currently built and signed by Christoph Atteneder (ripcurlx). His public key ID is <code>29CDFD3B</code> and fingerprint is <code>CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B</code>, which you can verify through [https://github.com/bisq-network/bisq/commits?author=ripcurlx commits on GitHub] and [https://keybase.io/ripcurlx on Keybase].<br />
<br />
The full public key is available [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
=== Obtain signature files for installer files ===<br />
<br />
To verify your installer file is intact and as the developer intended, you'll need the PGP signature file corresponding to the installer file you downloaded.<br />
<br />
On the Bisq website's download page, download the PGP signature file for the installer file you downloaded before.<br />
<br />
If you'd prefer to download from GitHub instead, you'll see the <code>.asc</code> file for your installer in the assets section [https://github.com/bisq-network/bisq/releases/latest of the release] along with the installer file itself.<br />
<br />
In either case, the filename for the <code>.asc</code> you download should be identical to the filename for the installer file, just with <code>.asc</code> appended (e.g., signature file for <code>Bisq-1.2.7.dmg</code> would be <code>Bisq-1.2.7.dmg.asc</code>).<br />
<br />
Once you've got the installer file and its corresponding signature file, proceed to the directions for your operating system below.<br />
<br />
=== Windows ===<br />
<br />
Once you've downloaded the installer file and corresponding signature file:<br />
<br />
'''Download ripcurlx's public key'''<br />
<br />
Download ripcurlx's public key [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
'''Download and install Gpg4win'''<br />
<br />
Windows doesn't come with GPG software installed by default, so you'll need to install it in order to verify Bisq's installer files.<br />
<br />
You can get Gpg4win [https://www.gpg4win.org/ here].<br />
<br />
Double-click the installer file and proceed to install with all default settings.<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
In Kleopatra, import ripcurlx's public key file <code>29CDFD3B.asc</code>. Select ''No'' if asked to mark the certificate as valid.<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
With the <code>install-file.exe</code> and <code>signature-file.exe.asc</code> in the same directory, double-click on the <code>.exe.asc</code> file.<br />
<br />
You should see a Kleopatra window pop up with a green progress bar that says "Verified .exe with .exe.asc". The program will continue to say "The data could not be verified" in bold but you can disregard that message.<br />
<br />
This means the installer file we downloaded is intact and as intended! You can proceed to install Bisq by double-clicking the <code>.exe</code> file.<br />
<br />
=== macOS and Linux ===<br />
<br />
Once you've downloaded the installer file and corresponding signature file:<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
Run:<br />
<br />
<nowiki>curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import</nowiki><br />
<br />
You might see an ominous-sounding warning along the lines of "This key is not certified with a trusted signature". This basically means that none of the public keys on your machine have signed the key you just imported (and that you haven't explicitly indicated you trust this key yourself). This is not necessarily a bad thing, but please see more about what this means [https://serverfault.com/a/569923 here]. In short, you can verify the integrity of this key by [[ #Verify installer file | cross-referencing ripcurlx's Bisq commit signatures and Keybase profile]].<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
If you are not familiar with GPG (a free open source version of PGP) you probably need to install GPG command line tools first.<br />
Following instructions are taken from https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line.<br />
<br />
<cite>The easiest way to install the GPG command line tools on your Mac is to first install Homebrew, a package management system that makes thousands of software packages available for install on your Mac.</cite><br />
<br />
<cite>Open a Terminal window (Applications > Utilities menu), then enter the following command.</cite><br />
<br />
<nowiki>ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" </nowiki><br />
<br />
<cite>When that’s complete, install the GPG software package with the following command.</cite><br />
<nowiki>brew install gnupg </nowiki><br />
<br />
With the installer file and installer signature file in the same directory, run:<br />
<br />
<nowiki>gpg --digest-algo SHA256 --verify SIGNATURE-FILE.asc </nowiki><br />
<br />
Where <code>SIGNATURE-FILE.asc</code> is the filename of the <code>.asc</code> file you just downloaded.<br />
<br />
'''Common errors'''<br />
<br />
gpg: directory '/Users/bisq/.gnupg' created<br />
gpg: keybox '/Users/bisq/.gnupg/pubring.kbx' created<br />
gpg: can't open 'SIGNATURE-FILE.asc': No such file or directory<br />
gpg: verify signatures failed: No such file or directory<br />
<br />
In this case you haven't replaced <code>SIGNATURE-FILE.asc</code> with the actual signature file you want to use e.g. <code>Bisq-1.6.4.dmg.asc</code><br />
<br />
gpg: can't open 'Bisq-1.6.4.dmg.asc': No such file or directory<br />
<br />
In this case you either haven't downloaded the signature file already or you are not in the correct directory. You can run <code>pwd</code> to see the path you are in.<br />
If you want to switch to the directory, where the downloaded files are you can use the [https://www.git-tower.com/learn/git/ebook/en/command-line/appendix/command-line-101/#:~:text=It%20will%20return%20the%20path,%24%20cd%20.. `cd` command] and switch to the correct directory by typing e.g. <code>cd ~/Downloads</code>(switching to the download directory on macOS). To list all files in the current directory you can enter <code>ls -la</code> in your console. <br />
<br />
gpg: assuming signed data in 'Bisq-1.6.4.dmg'<br />
gpg: Signature made Thu May 6 13:32:43 2021 EDT<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer "christoph.atteneder@gmail.com"<br />
gpg: Can't check signature: No public key</nowiki><br />
<br />
In this case you haven't imported the public key successfully. Please follow the guide above on how to import the public key for verification.<br />
<br />
'''Successful verification'''<br />
<br />
You should see output that looks something like:<br />
<br />
gpg: Signature made Thu 13 Feb 2020 01:38:03 PM EST<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer ...<br />
gpg: Good signature from "Christoph Atteneder ..."<br />
<br />
Great—this means the installer file we downloaded is intact and as intended!<br />
<br />
'''Verify jar file after installation'''<br />
<br />
As one last check, you can verify the hash of the jar file after installing Bisq.<br />
<br />
On macOS, the default location of the jar file is:<br />
<br />
/Applications/Bisq.app/Contents/Java/<br />
<br />
On Linux, the default location of the jar file is:<br />
<br />
/opt/bisq/bin/Bisq<br />
<br />
Get the hash of the jar file with:<br />
<br />
shasum -a256 /path/to/jar/file/jar-name.jar<br />
<br />
The hash you get should match the hash in the <code>.jar.txt</code> file in the [https://github.com/bisq-network/bisq/releases/latest release assets].<br />
<br />
== Build from source ==<br />
<br />
[https://github.com/bisq-network/bisq/blob/master/docs/build.md Building Bisq from source] requires just 1 command once you have the correct JDK installed on your machine. <br />
<br />
Finding and installing the correct JDK can sometimes be frustrating, so Bisq's developers have written scripts to make it easier:<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.sh For Linux and macOS]<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.bat For Windows]<br />
<br />
== OS-specific install notes ==<br />
<br />
=== Linux (General) ===<br />
<br />
Bisq works with a number of Linux distros, but not all desktop environments are supported. <br />
<br />
These are all known working desktop environments (it's a growing list—if you find another one that works, please add it!):<br />
<br />
* GNOME<br />
* Mate<br />
* Xfce<br />
* KDE Plasma<br />
* Cinnamon<br />
<br />
Bisq might not work properly if you switch from the original desktop environment of your Linux distribution to a different one.<br />
<br />
Note: users with discrete GPUs may encounter issues launching Bisq in some desktop environments.<br />
<br />
=== Arch Linux ===<br />
<br />
The Bisq [https://bisq.network/downloads/ downloads page] includes a link to the Arch User Repository (AUR) page for the [https://aur.archlinux.org/packages/bisq/ bisq package].<br />
<br />
# From the command line, clone the repository from AUR. <br />
# Then from the cloned directory, run <code>makepkg -si</code>. This will read the PKGBUILD file to download, verify, build, and install the various tools necessary to install Bisq.<br />
<br />
Please be advised: when you're using AUR, you're responsible for your own safety. Be sure to verify the PKGBUILD file.<br />
<br />
=== Tails ===<br />
<br />
Please see [[Running Bisq on Tails]] for details on downloading, installing, and configuring Bisq on Tails.<br />
<br />
=== Qubes ===<br />
<br />
Please see [[Running Bisq on Qubes]] for a detailed Qubes setup guide.<br />
<br />
<br />
[[Category:Use Cases]]</div>Ripcurlxhttps://bisq.wiki/index.php?title=Downloading_and_installing&diff=2261Downloading and installing2021-05-25T14:24:16Z<p>Ripcurlx: </p>
<hr />
<div>To use Bisq, you must first '''download and install''' it. Unlike most exchanges, Bisq doesn’t run a centralized server for making and taking offers, so trading on a website isn't possible.<br />
<br />
Instead, Bisq manages offers to trade using a peer-to-peer network—a global network of people who are also running Bisq on their own computers.<br />
<br />
This is good news for you as a user, because centralized services are easy to monitor, block, and shut down, while peer-to-peer networks like BitTorrent, Bitcoin and Bisq are difficult to surveil, censor, and hack.<br />
<br />
All of this means that if you want to use the Bisq network, you’ve got to download and run the software too!<br />
<br />
== Download Bisq ==<br />
<br />
The most convenient way to install Bisq on your machine is from a pre-built install file from the [https://bisq.network/downloads/ Bisq website] or [https://github.com/bisq-network/bisq/releases/latest latest GitHub release].<br />
<br />
There's also a community-maintained [https://snapcraft.io/bisq-desktop Snap package] for various Linux distributions.<br />
<br />
{{Admonition_Note|See [[#OS-specific_install_notes|install notes for various Linux distributions below]].}}<br />
<br />
You can download the installer for your operating system and install Bisq right away, but we strongly recommend that you [[ #Verify installer file | verify the integrity ]] of your installer file first.<br />
<br />
'''If you have issues, please check the ''Known issues with installation'' section in [https://github.com/bisq-network/bisq/releases/latest release notes].'''<br />
<br />
== Verify installer file ==<br />
<br />
Any software that manages funds, signs transactions, and deals with highly sensitive data is a prime target for malware. Bisq does all 3. Therefore it's highly recommended that you verify the integrity of the installer file you use to install Bisq.<br />
<br />
This is just something you should do for the initial Bisq install—afterward, when updates to Bisq are available, you'll be prompted to download and install them through Bisq's interface, and the software will verify the integrity of updates for you.<br />
<br />
Bisq installer files are currently built and signed by Christoph Atteneder (ripcurlx). His public key ID is <code>29CDFD3B</code> and fingerprint is <code>CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B</code>, which you can verify through [https://github.com/bisq-network/bisq/commits?author=ripcurlx commits on GitHub] and [https://keybase.io/ripcurlx on Keybase].<br />
<br />
The full public key is available [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
=== Obtain signature files for installer files ===<br />
<br />
To verify your installer file is intact and as the developer intended, you'll need the PGP signature file corresponding to the installer file you downloaded.<br />
<br />
On the Bisq website's download page, download the PGP signature file for the installer file you downloaded before.<br />
<br />
If you'd prefer to download from GitHub instead, you'll see the <code>.asc</code> file for your installer in the assets section [https://github.com/bisq-network/bisq/releases/latest of the release] along with the installer file itself.<br />
<br />
In either case, the filename for the <code>.asc</code> you download should be identical to the filename for the installer file, just with <code>.asc</code> appended (e.g., signature file for <code>Bisq-1.2.7.dmg</code> would be <code>Bisq-1.2.7.dmg.asc</code>).<br />
<br />
Once you've got the installer file and its corresponding signature file, proceed to the directions for your operating system below.<br />
<br />
=== Windows ===<br />
<br />
Once you've downloaded the installer file and corresponding signature file:<br />
<br />
'''Download ripcurlx's public key'''<br />
<br />
Download ripcurlx's public key [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
'''Download and install Gpg4win'''<br />
<br />
Windows doesn't come with GPG software installed by default, so you'll need to install it in order to verify Bisq's installer files.<br />
<br />
You can get Gpg4win [https://www.gpg4win.org/ here].<br />
<br />
Double-click the installer file and proceed to install with all default settings.<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
In Kleopatra, import ripcurlx's public key file <code>29CDFD3B.asc</code>. Select ''No'' if asked to mark the certificate as valid.<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
With the <code>install-file.exe</code> and <code>signature-file.exe.asc</code> in the same directory, double-click on the <code>.exe.asc</code> file.<br />
<br />
You should see a Kleopatra window pop up with a green progress bar that says "Verified .exe with .exe.asc". The program will continue to say "The data could not be verified" in bold but you can disregard that message.<br />
<br />
This means the installer file we downloaded is intact and as intended! You can proceed to install Bisq by double-clicking the <code>.exe</code> file.<br />
<br />
=== macOS and Linux ===<br />
<br />
Once you've downloaded the installer file and corresponding signature file:<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
Run:<br />
<br />
<nowiki>curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import</nowiki><br />
<br />
You might see an ominous-sounding warning along the lines of "This key is not certified with a trusted signature". This basically means that none of the public keys on your machine have signed the key you just imported (and that you haven't explicitly indicated you trust this key yourself). This is not necessarily a bad thing, but please see more about what this means [https://serverfault.com/a/569923 here]. In short, you can verify the integrity of this key by [[ #Verify installer file | cross-referencing ripcurlx's Bisq commit signatures and Keybase profile]].<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
If you are not familiar with GPG (a free open source version of PGP) you probably need to install GPG command line tools first.<br />
Following instructions are taken from https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line.<br />
<br />
<cite>The easiest way to install the GPG command line tools on your Mac is to first install Homebrew, a package management system that makes thousands of software packages available for install on your Mac.</cite><br />
<br />
<cite>Open a Terminal window (Applications > Utilities menu), then enter the following command.</cite><br />
<br />
<nowiki>ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" </nowiki><br />
<br />
<cite>When that’s complete, install the GPG software package with the following command.</cite><br />
<nowiki>brew install gnupg </nowiki><br />
<br />
With the installer file and installer signature file in the same directory, run:<br />
<br />
<nowiki>gpg --digest-algo SHA256 --verify SIGNATURE-FILE.asc </nowiki><br />
<br />
Where <code>SIGNATURE-FILE.asc</code> is the filename of the <code>.asc</code> file you just downloaded.<br />
<br />
'''Common errors'''<br />
<br />
gpg: directory '/Users/bisq/.gnupg' created<br />
gpg: keybox '/Users/bisq/.gnupg/pubring.kbx' created<br />
gpg: can't open 'SIGNATURE-FILE.asc': No such file or directory<br />
gpg: verify signatures failed: No such file or directory<br />
<br />
In this case you haven't replaced <code>SIGNATURE-FILE.asc</code> with the actual signature file you want to use e.g. <code>Bisq-1.6.4.dmg.asc</code><br />
<br />
gpg: can't open 'Bisq-1.6.4.dmg.asc': No such file or directory<br />
<br />
In this case you either haven't downloaded the signature file already or you are not in the correct directory. You can run <code>pwd</code> to see the path you are in and switch to the correct directory by typing e.g. <code>cd ~/Downloads</code>(switching to the download directory on macOS). To list all files in the current directory you can enter <code>ls -la</code> in your console. <br />
<br />
gpg: assuming signed data in 'Bisq-1.6.4.dmg'<br />
gpg: Signature made Thu May 6 13:32:43 2021 EDT<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer "christoph.atteneder@gmail.com"<br />
gpg: Can't check signature: No public key</nowiki><br />
<br />
In this case you haven't imported the public key successfully. Please follow the guide above on how to import the public key for verification.<br />
<br />
'''Successful verification'''<br />
<br />
You should see output that looks something like:<br />
<br />
gpg: Signature made Thu 13 Feb 2020 01:38:03 PM EST<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer ...<br />
gpg: Good signature from "Christoph Atteneder ..."<br />
<br />
Great—this means the installer file we downloaded is intact and as intended!<br />
<br />
'''Verify jar file after installation'''<br />
<br />
As one last check, you can verify the hash of the jar file after installing Bisq.<br />
<br />
On macOS, the default location of the jar file is:<br />
<br />
/Applications/Bisq.app/Contents/Java/<br />
<br />
On Linux, the default location of the jar file is:<br />
<br />
/opt/bisq/bin/Bisq<br />
<br />
Get the hash of the jar file with:<br />
<br />
shasum -a256 /path/to/jar/file/jar-name.jar<br />
<br />
The hash you get should match the hash in the <code>.jar.txt</code> file in the [https://github.com/bisq-network/bisq/releases/latest release assets].<br />
<br />
== Build from source ==<br />
<br />
[https://github.com/bisq-network/bisq/blob/master/docs/build.md Building Bisq from source] requires just 1 command once you have the correct JDK installed on your machine. <br />
<br />
Finding and installing the correct JDK can sometimes be frustrating, so Bisq's developers have written scripts to make it easier:<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.sh For Linux and macOS]<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.bat For Windows]<br />
<br />
== OS-specific install notes ==<br />
<br />
=== Linux (General) ===<br />
<br />
Bisq works with a number of Linux distros, but not all desktop environments are supported. <br />
<br />
These are all known working desktop environments (it's a growing list—if you find another one that works, please add it!):<br />
<br />
* GNOME<br />
* Mate<br />
* Xfce<br />
* KDE Plasma<br />
* Cinnamon<br />
<br />
Bisq might not work properly if you switch from the original desktop environment of your Linux distribution to a different one.<br />
<br />
Note: users with discrete GPUs may encounter issues launching Bisq in some desktop environments.<br />
<br />
=== Arch Linux ===<br />
<br />
The Bisq [https://bisq.network/downloads/ downloads page] includes a link to the Arch User Repository (AUR) page for the [https://aur.archlinux.org/packages/bisq/ bisq package].<br />
<br />
# From the command line, clone the repository from AUR. <br />
# Then from the cloned directory, run <code>makepkg -si</code>. This will read the PKGBUILD file to download, verify, build, and install the various tools necessary to install Bisq.<br />
<br />
Please be advised: when you're using AUR, you're responsible for your own safety. Be sure to verify the PKGBUILD file.<br />
<br />
=== Tails ===<br />
<br />
Please see [[Running Bisq on Tails]] for details on downloading, installing, and configuring Bisq on Tails.<br />
<br />
=== Qubes ===<br />
<br />
Please see [[Running Bisq on Qubes]] for a detailed Qubes setup guide.<br />
<br />
<br />
[[Category:Use Cases]]</div>Ripcurlxhttps://bisq.wiki/index.php?title=Downloading_and_installing&diff=2260Downloading and installing2021-05-25T14:20:13Z<p>Ripcurlx: /* macOS and Linux */</p>
<hr />
<div>To use Bisq, you must first '''download and install''' it. Unlike most exchanges, Bisq doesn’t run a centralized server for making and taking offers, so trading on a website isn't possible.<br />
<br />
Instead, Bisq manages offers to trade using a peer-to-peer network—a global network of people who are also running Bisq on their own computers.<br />
<br />
This is good news for you as a user, because centralized services are easy to monitor, block, and shut down, while peer-to-peer networks like BitTorrent, Bitcoin and Bisq are difficult to surveil, censor, and hack.<br />
<br />
All of this means that if you want to use the Bisq network, you’ve got to download and run the software too!<br />
<br />
== Download Bisq ==<br />
<br />
The most convenient way to install Bisq on your machine is from a pre-built install file from the [https://bisq.network/downloads/ Bisq website] or [https://github.com/bisq-network/bisq/releases/latest latest GitHub release].<br />
<br />
There's also a community-maintained [https://snapcraft.io/bisq-desktop Snap package] for various Linux distributions.<br />
<br />
{{Admonition_Note|See [[#OS-specific_install_notes|install notes for various Linux distributions below]].}}<br />
<br />
You can download the installer for your operating system and install Bisq right away, but we strongly recommend that you [[ #Verify installer file | verify the integrity ]] of your installer file first.<br />
<br />
'''If you have issues, please check the ''Known issues with installation'' section in [https://github.com/bisq-network/bisq/releases/latest release notes].'''<br />
<br />
== Verify installer file ==<br />
<br />
Any software that manages funds, signs transactions, and deals with highly sensitive data is a prime target for malware. Bisq does all 3. Therefore it's highly recommended that you verify the integrity of the installer file you use to install Bisq.<br />
<br />
This is just something you should do for the initial Bisq install—afterward, when updates to Bisq are available, you'll be prompted to download and install them through Bisq's interface, and the software will verify the integrity of updates for you.<br />
<br />
Bisq installer files are currently built and signed by Christoph Atteneder (ripcurlx). His public key ID is <code>29CDFD3B</code> and fingerprint is <code>CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B</code>, which you can verify through [https://github.com/bisq-network/bisq/commits?author=ripcurlx commits on GitHub] and [https://keybase.io/ripcurlx on Keybase].<br />
<br />
The full public key is available [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
=== Obtain signature files for installer files ===<br />
<br />
To verify your installer file is intact and as the developer intended, you'll need the PGP signature file corresponding to the installer file you downloaded.<br />
<br />
On the Bisq website's download page, download the PGP signature file for the installer file you downloaded before.<br />
<br />
If you'd prefer to download from GitHub instead, you'll see the <code>.asc</code> file for your installer in the assets section [https://github.com/bisq-network/bisq/releases/latest of the release] along with the installer file itself.<br />
<br />
In either case, the filename for the <code>.asc</code> you download should be identical to the filename for the installer file, just with <code>.asc</code> appended (e.g., signature file for <code>Bisq-1.2.7.dmg</code> would be <code>Bisq-1.2.7.dmg.asc</code>).<br />
<br />
Once you've got the installer file and its corresponding signature file, proceed to the directions for your operating system below.<br />
<br />
=== Windows ===<br />
<br />
Once you've downloaded the installer file and corresponding signature file:<br />
<br />
'''Download ripcurlx's public key'''<br />
<br />
Download ripcurlx's public key [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
'''Download and install Gpg4win'''<br />
<br />
Windows doesn't come with GPG software installed by default, so you'll need to install it in order to verify Bisq's installer files.<br />
<br />
You can get Gpg4win [https://www.gpg4win.org/ here].<br />
<br />
Double-click the installer file and proceed to install with all default settings.<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
In Kleopatra, import ripcurlx's public key file <code>29CDFD3B.asc</code>. Select ''No'' if asked to mark the certificate as valid.<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
With the <code>install-file.exe</code> and <code>signature-file.exe.asc</code> in the same directory, double-click on the <code>.exe.asc</code> file.<br />
<br />
You should see a Kleopatra window pop up with a green progress bar that says "Verified .exe with .exe.asc". The program will continue to say "The data could not be verified" in bold but you can disregard that message.<br />
<br />
This means the installer file we downloaded is intact and as intended! You can proceed to install Bisq by double-clicking the <code>.exe</code> file.<br />
<br />
=== macOS and Linux ===<br />
<br />
Once you've downloaded the installer file and corresponding signature file:<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
Run:<br />
<br />
<nowiki>curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import</nowiki><br />
<br />
You might see an ominous-sounding warning along the lines of "This key is not certified with a trusted signature". This basically means that none of the public keys on your machine have signed the key you just imported (and that you haven't explicitly indicated you trust this key yourself). This is not necessarily a bad thing, but please see more about what this means [https://serverfault.com/a/569923 here]. In short, you can verify the integrity of this key by [[ #Verify installer file | cross-referencing ripcurlx's Bisq commit signatures and Keybase profile]].<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
If you are not familiar with GPG (a free open source version of PGP) you probably need to install GPG command line tools first.<br />
Following instructions are taken from https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line.<br />
<br />
<cite>The easiest way to install the GPG command line tools on your Mac is to first install Homebrew, a package management system that makes thousands of software packages available for install on your Mac.</cite><br />
<br />
<cite>Open a Terminal window (Applications > Utilities menu), then enter the following command.</cite><br />
<br />
<nowiki>ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" </nowiki><br />
<br />
<cite>When that’s complete, install the GPG software package with the following command.</cite><br />
<nowiki>brew install gnupg </nowiki><br />
<br />
With the installer file and installer signature file in the same directory, run:<br />
<br />
<nowiki>gpg --digest-algo SHA256 --verify SIGNATURE-FILE.asc </nowiki><br />
<br />
Where <code>SIGNATURE-FILE.asc</code> is the filename of the <code>.asc</code> file you just downloaded.<br />
<br />
'''Common errors'''<br />
<br />
gpg: can't open 'Bisq-1.6.4.dmg.asc': No such file or directory<br />
<br />
In this case you either haven't downloaded the signature file already or you are not in the correct directory. You can run <code>pwd</code> to see the path you are in and switch to the correct directory by typing e.g. <code>cd ~/Downloads</code>(switching to the download directory on macOS). To list all files in the current directory you can enter <code>ls -la</code> in your console. <br />
<br />
gpg: assuming signed data in 'Bisq-1.6.4.dmg'<br />
gpg: Signature made Thu May 6 13:32:43 2021 EDT<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer "christoph.atteneder@gmail.com"<br />
gpg: Can't check signature: No public key</nowiki><br />
<br />
In this case you haven't imported the public key successfully. Please follow the guide above on how to import the public key for verification.<br />
<br />
'''Successful verification'''<br />
<br />
You should see output that looks something like:<br />
<br />
gpg: Signature made Thu 13 Feb 2020 01:38:03 PM EST<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer ...<br />
gpg: Good signature from "Christoph Atteneder ..."<br />
<br />
Great—this means the installer file we downloaded is intact and as intended!<br />
<br />
'''Verify jar file after installation'''<br />
<br />
As one last check, you can verify the hash of the jar file after installing Bisq.<br />
<br />
On macOS, the default location of the jar file is:<br />
<br />
/Applications/Bisq.app/Contents/Java/<br />
<br />
On Linux, the default location of the jar file is:<br />
<br />
/opt/bisq/bin/Bisq<br />
<br />
Get the hash of the jar file with:<br />
<br />
shasum -a256 /path/to/jar/file/jar-name.jar<br />
<br />
The hash you get should match the hash in the <code>.jar.txt</code> file in the [https://github.com/bisq-network/bisq/releases/latest release assets].<br />
<br />
== Build from source ==<br />
<br />
[https://github.com/bisq-network/bisq/blob/master/docs/build.md Building Bisq from source] requires just 1 command once you have the correct JDK installed on your machine. <br />
<br />
Finding and installing the correct JDK can sometimes be frustrating, so Bisq's developers have written scripts to make it easier:<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.sh For Linux and macOS]<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.bat For Windows]<br />
<br />
== OS-specific install notes ==<br />
<br />
=== Linux (General) ===<br />
<br />
Bisq works with a number of Linux distros, but not all desktop environments are supported. <br />
<br />
These are all known working desktop environments (it's a growing list—if you find another one that works, please add it!):<br />
<br />
* GNOME<br />
* Mate<br />
* Xfce<br />
* KDE Plasma<br />
* Cinnamon<br />
<br />
Bisq might not work properly if you switch from the original desktop environment of your Linux distribution to a different one.<br />
<br />
Note: users with discrete GPUs may encounter issues launching Bisq in some desktop environments.<br />
<br />
=== Arch Linux ===<br />
<br />
The Bisq [https://bisq.network/downloads/ downloads page] includes a link to the Arch User Repository (AUR) page for the [https://aur.archlinux.org/packages/bisq/ bisq package].<br />
<br />
# From the command line, clone the repository from AUR. <br />
# Then from the cloned directory, run <code>makepkg -si</code>. This will read the PKGBUILD file to download, verify, build, and install the various tools necessary to install Bisq.<br />
<br />
Please be advised: when you're using AUR, you're responsible for your own safety. Be sure to verify the PKGBUILD file.<br />
<br />
=== Tails ===<br />
<br />
Please see [[Running Bisq on Tails]] for details on downloading, installing, and configuring Bisq on Tails.<br />
<br />
=== Qubes ===<br />
<br />
Please see [[Running Bisq on Qubes]] for a detailed Qubes setup guide.<br />
<br />
<br />
[[Category:Use Cases]]</div>Ripcurlxhttps://bisq.wiki/index.php?title=Downloading_and_installing&diff=1854Downloading and installing2020-10-20T07:32:35Z<p>Ripcurlx: </p>
<hr />
<div>To use Bisq, you must first '''download and install''' it. Unlike most exchanges, Bisq doesn’t run a centralized server for making and taking offers, so trading on a website isn't possible.<br />
<br />
Instead, Bisq manages offers to trade using a peer-to-peer network—a global network of people who are also running Bisq on their own computers.<br />
<br />
This is good news for you as a user, because centralized services are easy to monitor, block, and shut down, while peer-to-peer networks like BitTorrent, Bitcoin and Bisq are difficult to surveil, censor, and hack.<br />
<br />
All of this means that if you want to use the Bisq network, you’ve got to download and run the software too!<br />
<br />
== Download Bisq ==<br />
<br />
The most convenient way to install Bisq on your machine is from a pre-built install file from the [https://bisq.network/downloads/ Bisq website] or [https://github.com/bisq-network/bisq/releases/latest latest GitHub release].<br />
<br />
There's also a community-maintained [https://snapcraft.io/bisq-desktop Snap package] for various Linux distributions.<br />
<br />
{{Admonition_Note|See [[#OS-specific_install_notes|install notes for various Linux distributions below]].}}<br />
<br />
You can download the installer for your operating system and install Bisq right away, but we strongly recommend that you [[ #Verify installer file | verify the integrity ]] of your installer file first.<br />
<br />
'''If you have issues, please check the ''Known issues with installation'' section in [https://github.com/bisq-network/bisq/releases/latest release notes].'''<br />
<br />
== Verify installer file ==<br />
<br />
Any software that manages funds, signs transactions, and deals with highly sensitive data is a prime target for malware. Bisq does all 3. Therefore it's highly recommended that you verify the integrity of the installer file you use to install Bisq.<br />
<br />
This is just something you should do for the initial Bisq install—afterward, when updates to Bisq are available, you'll be prompted to download and install them through Bisq's interface, and the software will verify the integrity of updates for you.<br />
<br />
Bisq installer files are currently built and signed by Christoph Atteneder (ripcurlx). His public key ID is <code>29CDFD3B</code> and fingerprint is <code>CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B</code>, which you can verify through [https://github.com/bisq-network/bisq/commits?author=ripcurlx commits on GitHub] and [https://keybase.io/ripcurlx on Keybase].<br />
<br />
The full public key is available [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
=== Obtain signature files for installer files ===<br />
<br />
To verify your installer file is intact and as the developer intended, you'll need the PGP signature file corresponding to the installer file you downloaded.<br />
<br />
On the Bisq website's download page, download the PGP signature file for the installer file you downloaded before.<br />
<br />
If you'd prefer to download from GitHub instead, you'll see the <code>.asc</code> file for your installer in the assets section [https://github.com/bisq-network/bisq/releases/latest of the release] along with the installer file itself.<br />
<br />
In either case, the filename for the <code>.asc</code> you download should be identical to the filename for the installer file, just with <code>.asc</code> appended (e.g., signature file for <code>Bisq-1.2.7.dmg</code> would be <code>Bisq-1.2.7.dmg.asc</code>).<br />
<br />
Once you've got the installer file and its corresponding signature file, proceed to the directions for your operating system below.<br />
<br />
=== Windows ===<br />
<br />
Once you've downloaded the installer file and corresponding signature file:<br />
<br />
'''Download ripcurlx's public key'''<br />
<br />
Download ripcurlx's public key [https://bisq.network/pubkey/29CDFD3B.asc here on the Bisq website].<br />
<br />
'''Download and install Gpg4win'''<br />
<br />
Windows doesn't come with GPG software installed by default, so you'll need to install it in order to verify Bisq's installer files.<br />
<br />
You can get Gpg4win [https://www.gpg4win.org/ here].<br />
<br />
Double-click the installer file and proceed to install with all default settings.<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
In Kleopatra, import ripcurlx's public key file <code>29CDFD3B.asc</code>. Select ''No'' if asked to mark the certificate as valid.<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
With the <code>install-file.exe</code> and <code>signature-file.exe.asc</code> in the same directory, double-click on the <code>.exe.asc</code> file.<br />
<br />
You should see a Kleopatra window pop up with a green progress bar that says "Verified .exe with .exe.asc". The program will continue to say "The data could not be verified" in bold but you can disregard that message.<br />
<br />
This means the installer file we downloaded is intact and as intended! You can proceed to install Bisq by double-clicking the <code>.exe</code> file.<br />
<br />
=== macOS and Linux ===<br />
<br />
Once you've downloaded the installer file and corresponding signature file:<br />
<br />
'''Import ripcurlx's public key'''<br />
<br />
Run:<br />
<br />
<nowiki>curl https://bisq.network/pubkey/29CDFD3B.asc | gpg --import</nowiki><br />
<br />
You might see an ominous-sounding warning along the lines of "This key is not certified with a trusted signature". This basically means that none of the public keys on your machine have signed the key you just imported (and that you haven't explicitly indicated you trust this key yourself). This is not necessarily a bad thing, but please see more about what this means [https://serverfault.com/a/569923 here]. In short, you can verify the integrity of this key by [[ #Verify installer file | cross-referencing ripcurlx's Bisq commit signatures and Keybase profile]].<br />
<br />
'''Verify the signature of the binary you downloaded'''<br />
<br />
If you are not familiar with GPG (a free open source version of PGP) you probably need to install GPG command line tools first.<br />
Following instructions are taken from https://blog.ghostinthemachines.com/2015/03/01/how-to-use-gpg-command-line.<br />
<br />
<cite>The easiest way to install the GPG command line tools on your Mac is to first install Homebrew, a package management system that makes thousands of software packages available for install on your Mac.</cite><br />
<br />
<cite>Open a Terminal window (Applications > Utilities menu), then enter the following command.</cite><br />
<br />
<nowiki>ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" </nowiki><br />
<br />
<cite>When that’s complete, install the GPG software package with the following command.</cite><br />
<nowiki>brew install gnupg </nowiki><br />
<br />
With the installer file and installer signature file in the same directory, run:<br />
<br />
<nowiki>gpg --digest-algo SHA256 --verify SIGNATURE-FILE.asc </nowiki><br />
<br />
Where <code>SIGNATURE-FILE.asc</code> is the filename of the <code>.asc</code> file you just downloaded.<br />
<br />
You should see output that looks something like:<br />
<br />
gpg: Signature made Thu 13 Feb 2020 01:38:03 PM EST<br />
gpg: using RSA key CB36D7D2EBB2E35D9B75500BCD5DC1C529CDFD3B<br />
gpg: issuer ...<br />
gpg: Good signature from "Christoph Atteneder ..."<br />
<br />
Great—this means the installer file we downloaded is intact and as intended!<br />
<br />
'''Verify jar file after installation'''<br />
<br />
As one last check, you can verify the hash of the jar file after installing Bisq.<br />
<br />
On macOS, the default location of the jar file is:<br />
<br />
/Applications/Bisq.app/Contents/Java/<br />
<br />
On Linux, the default location of the jar file is:<br />
<br />
/opt/Bisq/app/<br />
<br />
Get the hash of the jar file with:<br />
<br />
shasum -a256 /path/to/jar/file/jar-name.jar<br />
<br />
The hash you get should match the hash in the <code>.jar.txt</code> file in the [https://github.com/bisq-network/bisq/releases/latest release assets].<br />
<br />
== Build from source ==<br />
<br />
[https://github.com/bisq-network/bisq/blob/master/docs/build.md Building Bisq from source] requires just 1 command once you have the correct JDK installed on your machine. <br />
<br />
Finding and installing the correct JDK can sometimes be frustrating, so Bisq's developers have written scripts to make it easier:<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.sh For Linux and macOS]<br />
* [https://github.com/bisq-network/bisq/blob/master/scripts/install_java.bat For Windows]<br />
<br />
== OS-specific install notes ==<br />
<br />
=== Linux (General) ===<br />
<br />
Bisq works with a number of Linux distros, but not all desktop environments are supported. <br />
<br />
These are all known working desktop environments (it's a growing list—if you find another one that works, please add it!):<br />
<br />
* GNOME<br />
* Mate<br />
* Xfce<br />
* KDE Plasma<br />
* Cinnamon<br />
<br />
Bisq might not work properly if you switch from the original desktop environment of your Linux distribution to a different one.<br />
<br />
Note: users with discrete GPUs may encounter issues launching Bisq in some desktop environments.<br />
<br />
=== Arch Linux ===<br />
<br />
The Bisq [https://bisq.network/downloads/ downloads page] includes a link to the Arch User Repository (AUR) page for the [https://aur.archlinux.org/packages/bisq/ bisq package].<br />
<br />
# From the command line, clone the repository from AUR. <br />
# Then from the cloned directory, run <code>makepkg -si</code>. This will read the PKGBUILD file to download, verify, build, and install the various tools necessary to install Bisq.<br />
<br />
Please be advised: when you're using AUR, you're responsible for your own safety. Be sure to verify the PKGBUILD file.<br />
<br />
=== Tails ===<br />
<br />
Please see [[Running Bisq on Tails]] for details on downloading, installing, and configuring Bisq on Tails.<br />
<br />
=== Qubes ===<br />
<br />
Please see [[Running Bisq on Qubes]] for a detailed Qubes setup guide.<br />
<br />
<br />
[[Category:Use Cases]]</div>Ripcurlxhttps://bisq.wiki/index.php?title=Bisq_Maintainer&diff=144Bisq Maintainer2020-02-21T14:17:07Z<p>Ripcurlx: I think we should directly link the members section as the main page probably will stay empty</p>
<hr />
<div>This article documents the ''Bisq Maintainer'' role. See [[Roles]] for context.<br />
<br />
__TOC__<br />
<br />
=== Issue ===<br />
https://github.com/bisq-network/roles/issues/63<br />
<br />
=== Team ===<br />
[https://github.com/orgs/bisq-network/teams/bisq-maintainers/members @bisq-network/bisq-maintainers]<br />
<br />
=== Duties ===<br />
* Perform [https://docs.bisq.network/roles.html#common-duties duties common to all roles]<br />
* Merge pull requests per the [[Development Process]]<br />
* Manage critical bugs per the [[Critical Bugs]] process<br />
<br />
=== Rights ===<br />
* Admin access to the bisq-network/bisq repository<br />
* Write access to the [[Critical Bugs#Board|critical bugs board]]<br />
<br />
=== Bonding ===<br />
Required. See https://github.com/bisq-network/bisq/blob/42a037e/core/src/main/java/bisq/core/dao/state/model/governance/BondedRoleType.java#L51<br />
<br />
[[Category:Roles]]</div>Ripcurlxhttps://bisq.wiki/index.php?title=Critical_bugs&diff=143Critical bugs2020-02-21T12:59:13Z<p>Ripcurlx: /* Identification */</p>
<hr />
<div>This article explains what critical bugs are and covers the process for identifying and fixing them.<br />
<br />
__TOC__<br />
<br />
== What is a Critical Bug? ==<br />
<br />
A [[Glossary#Critical_bug|critical bug]] is any bug or other issue that:<br />
<br />
* impedes users from completing a [[Glossary#Core_use_case|core use case]] in Bisq, and/or<br />
* repeatedly lands users in support, and/or<br />
* puts user funds or privacy at risk<br />
<br />
Critical bugs are by definition among the most important and highest priority tasks that can be worked on. The goal is to have zero outstanding critical bugs at any given time. Bisq developers should therefore consider working on critical bugs ahead of anything else.<br />
<br />
== Infrastructure ==<br />
<br />
=== Board ===<br />
<br />
The Critical Bugs board can be found at https://github.com/orgs/bisq-network/projects/7.<br />
<br />
[[File:Critical Bugs Board.png|400px|right|thumb|Critical Bugs board]]<br />
<br />
== Process ==<br />
<br />
=== Identification ===<br />
<br />
Bisq maintainers are notified of new issues as they arrive in the [https://github.com/bisq-network/bisq/issues Bisq repository] and should apply the <code>is:critical bug</code> label to any issue that fits the definition above.<br />
<br />
Immediately after labeling a critical bug, the Bisq maintainer should add that issue to the <code>To do</code> column of the board, sorting the issue according to its priority relative to the other issues in that column.<br />
<br />
=== Notification ===<br />
<br />
''Note (@cbeams): We may want to have maintainers add a comment to newly-indentified critical bugs mentioning <code>@bisq-network/bisq-devs</code> and <code>@bisq-network/support</code> so that those groups are made aware of the issue and are automatically subscribed to any updates on it. @ripcurlx to decide and update this section accordingly.''<br />
<br />
=== Assignment ===<br />
<br />
If you are a developer interested in working on a given critical bug, you should add a comment to the issue asking to be assigned to it. A Bisq maintainer will follow up with you and make the assignment as appropriate and will transition the issue to the <code>In progress</code> column of the board. You should then proceed to put together a pull request that fixes the bug as per the usual [[Development Process]].<br />
<br />
Once assigned to a critical bug, you should post comments on the issue indicating your progress and post [[standup]] updates about it each day you work on it. This allows other developers to help out if need be and keeps everyone in the loop. These updates also serve as documentation when you submit a compensation request for your work.<br />
<br />
If you stop working on a critical bug before it has been fixed, you should indicate that explicitly via comment on the issue so the maintainer can remove your assignment and transition the issue back to <code>To do</code> as appropriate.<br />
<br />
=== Compensation ===<br />
<br />
[[Glossary#Delivered|Delivered]] work on critical bugs is eligible for [[compensation]] under the Bisq DAO. In this case, delivered work could mean one of the following:<br />
<br />
* the bug was fixed and the associated pull request has been merged into master<br />
* the bug was investigated and a fix has been documented, but cannot be implemented due to an external dependency e.g.: a JDK / OpenJFX update is required.<br />
<br />
[[Category:Infrastructure]]<br />
[[Category:Processes]]</div>Ripcurlxhttps://bisq.wiki/index.php?title=Development_process&diff=138Development process2020-02-21T10:40:10Z<p>Ripcurlx: Created page with "''Note (@ripcurlx): This is just a stub where we can detail the development processes. Just added it to link the existing process for critical bugs'' == Processes == === C..."</p>
<hr />
<div>''Note (@ripcurlx): This is just a stub where we can detail the development processes. Just added it to link the existing process for critical bugs''<br />
<br />
== Processes ==<br />
<br />
=== [[Critical_Bugs|Critical bugs]] ===<br />
<br />
=== Development within priorities ===<br />
<br />
=== Development outside of priorities ===</div>Ripcurlxhttps://bisq.wiki/index.php?title=Critical_bugs&diff=134Critical bugs2020-02-21T08:09:37Z<p>Ripcurlx: </p>
<hr />
<div>This page explains what critical bugs are and covers the workflow for devs willing to solve them.<br />
__TOC__<br />
<br />
== What are [[Glossary#Critical_Bug|critical bugs]]? ==<br />
<br />
Starting with our dev budget, we will focus in a first step on our most critical ''[[Glossary#Core_use_case|core use cases]]''. A ''core use case'' is any set of actions that a user must be able to complete in order to successfully trade and/or manage funds using Bisq.<br />
<br />
A '''critical bug''' is any bug or other issue that:<br />
<br />
* impedes users from completing a core use case in Bisq, and/or<br />
* repeatedly lands users in support, and/or<br />
* puts user funds or privacy at risk<br />
<br />
Bisq maintainers will scan every day the [https://github.com/bisq-network/bisq/issues issues] within the Bisq repository and apply the label '''is:critical bug''' to all issues that fit the description above.<br />
Afterwards they are move to the [https://github.com/orgs/bisq-network/projects/7 critical bugs board] and sorted by priority.<br />
<br />
[[File:Critical Bugs Board.png|none|1105]]<br />
<br />
== I want to work on a critical bug ==<br />
<br />
If you want to tackle one of this important issues please leave a comment that you want to work on it to get officially assigned.<br />
<br />
[[File:Assigned issue.png|none|353]]<br />
<br />
We do want to prevent that people are working on the same problem at the same time.<br />
When you start working please also to post status updates in our #standup channel on Keybase and do post update comments on your investigations within the issue. This enables other devs to help out if there is need be.<br />
Also it is additional documentation on your progress and efforts when you want to post your compensation request.<br />
<br />
== Do I get compensated by the DAO? ==<br />
<br />
Delivered work on critical bugs is up for compensation.<br />
In this case delivered work could mean one of the following:<br />
* the bug was solved and the fix is merged into master<br />
* the bug was investigated and solution is documented, but can't be fixed right now because of an external dependency (e.g. JDK/OpenJFX update required)<br />
<br />
[[Category:Stubs]]<br />
[[Category:Processes]]<br />
[[Category:Infrastructure]]</div>Ripcurlxhttps://bisq.wiki/index.php?title=File:Assigned_issue.png&diff=131File:Assigned issue.png2020-02-21T07:51:29Z<p>Ripcurlx: </p>
<hr />
<div>Screenshot of issue with someone assigned to it</div>Ripcurlxhttps://bisq.wiki/index.php?title=Critical_bugs&diff=130Critical bugs2020-02-21T07:43:25Z<p>Ripcurlx: </p>
<hr />
<div>This page explains what critical bugs are and covers the workflow for devs willing to solve them.<br />
<br />
== What are critical bugs? ==<br />
<br />
Starting with our dev budget, we will focus in a first step on our most critical ''core use cases''. A ''core use case'' is any set of actions that a user must be able to complete in order to successfully trade and/or manage funds using Bisq.<br />
<br />
A '''critical bug''' is any bug or other issue that:<br />
<br />
* impedes users from completing a core use case in Bisq, and/or<br />
* repeatedly lands users in support, and/or<br />
* puts user funds or privacy at risk<br />
<br />
Bisq maintainers will scan every day the [https://github.com/bisq-network/bisq/issues issues] within the Bisq repository and apply the label '''is:critical bug''' to all issues that fit the description above.<br />
Afterwards they are move to the [https://github.com/orgs/bisq-network/projects/7 critical bugs board]<br />
<br />
[[File:Critical Bugs Board.png|none|1105]]<br />
<br />
This is where we can detail the concept of Critical Bugs and the [https://github.com/orgs/bisq-network/projects/7 Critical Bugs board] and process. Should be linked to appropriately from the larger [[Development Process]] article. Is already linked from [[Dev_Team#Infrastructure]]. Perhaps a screenshot would be nice for giving people immediate context / feel of what is being talked about. Note that a glossary entry has already been added at [[Glossary#Critical_Bug]].<br />
<br />
[[Category:Stubs]]<br />
[[Category:Processes]]<br />
[[Category:Infrastructure]]</div>Ripcurlxhttps://bisq.wiki/index.php?title=File:Critical_Bugs_Board.png&diff=129File:Critical Bugs Board.png2020-02-21T07:41:23Z<p>Ripcurlx: </p>
<hr />
<div>This is a screenshot of the critical bugs board</div>Ripcurlx