Download - Bitcoin

Latest version: 0.17.0 rss

Or choose your operating system

Verify release signatures
Download torrent
Source code
Show version history

Bitcoin Core Release Signing Keys v0.11.0+ 01EA5486DE18A882D4C2684590C8019E36C2E964

Check your bandwidth and space

Bitcoin Core requires a one-time download of about 210GB of data plus a further 5-10GB per month. By default, you will need to store all of that data, but if you enable pruning, you can store as little as 6GB total without sacrificing any security. For more information about setting up Bitcoin Core, please read the full node guide.

Verify your download

Download verification is optional but highly recommended. Click one of the lines below to view verification instructions for that platform.

Windows verification instructions
  1. Click the link in the list above to download the release for your platform and wait for the file to finish downloading.

  2. Download the list of cryptographic checksums: SHA256SUMS.asc

  3. Open a terminal (command line prompt) and Change Directory (cd) to the folder you use for downloads. For example:

    cd %UserProfile%\Downloads
    
  4. Run the following command to generate a checksum of the release file you downloaded. Replace 'bitcoin-0.17.0-win64-setup.exe' with the name of the file you actually downloaded.

    certUtil -hashfile bitcoin-0.17.0-win64-setup.exe SHA256
  5. Ensure that the checksum produced by the command above matches one of the checksums listed in the checksums file you downloaded earlier. We recommend that you check every character of the two checksums to ensure they match. You can see the checksums you downloaded by running the following command:

    type SHA256SUMS.asc
  6. If you haven't previously installed GNU Privacy Guard (GPG) on your system, install it now or see other installation options.

  7. Obtain a copy of the release signing key by running the following command:

    C:\Program Files\Gnu\GnuPg\gpg.exe --recv-keys 01EA5486DE18A882D4C2684590C8019E36C2E964

    The output of the command above should say that one key was imported, updated, has new signatures, or remained unchanged.

  8. Verify that the checksums file is PGP signed by the release signing key:
    C:\Program Files\Gnu\GnuPg\gpg.exe --verify SHA256SUMS.asc
  9. Check the output from the above command for the following text:

    1. A line that starts with: gpg: Good signature

    2. A complete line saying: Primary key fingerprint: 01EA 5486 DE18 A882 D4C2  6845 90C8 019E 36C2 E964

    The output from the verify command may contain a warning that the "key is not certified with a trusted signature." This means that to fully verify your download, you need to ask people you trust to confirm that the key fingerprint printed above belongs to the Bitcoin Core Project's release signing key.

MacOS verification instructions
  1. Click the link in the list above to download the release for your platform and wait for the file to finish downloading.

  2. Download the list of cryptographic checksums: SHA256SUMS.asc

  3. Open a terminal (command line prompt) and Change Directory (cd) to the folder you use for downloads. For example:

    cd Downloads/
  4. Verify that the checksum of the release file is listed in the checksums file using the following command:

    shasum -a 256 --check SHA256SUMS.asc

    In the output produced by the above command, you can safely ignore any warnings and failures, but you must ensure the output lists "OK" after the name of the release file you downloaded. For example: bitcoin-0.17.0-osx.dmg: OK

  5. If you haven't previously installed GNU Privacy Guard (GPG) on your system, install it now or see other installation options.

  6. Obtain a copy of the release signing key by running the following command:

    gpg --recv-keys 01EA5486DE18A882D4C2684590C8019E36C2E964

    The output of the command above should say that one key was imported, updated, has new signatures, or remained unchanged.

  7. Verify that the checksums file is PGP signed by the release signing key:
    gpg --verify SHA256SUMS.asc
  8. Check the output from the above command for the following text:

    1. A line that starts with: gpg: Good signature

    2. A complete line saying: Primary key fingerprint: 01EA 5486 DE18 A882 D4C2  6845 90C8 019E 36C2 E964

    The output from the verify command may contain a warning that the "key is not certified with a trusted signature." This means that to fully verify your download, you need to ask people you trust to confirm that the key fingerprint printed above belongs to the Bitcoin Core Project's release signing key.

Linux verification instructions (not for Ubuntu PPA)
  1. Click the link in the list above to download the release for your platform and wait for the file to finish downloading.

  2. Download the list of cryptographic checksums: SHA256SUMS.asc

  3. Open a terminal (command line prompt) and Change Directory (cd) to the folder you use for downloads. For example:

    cd Downloads/
  4. Verify that the checksum of the release file is listed in the checksums file using the following command:

    sha256sum --ignore-missing --check SHA256SUMS.asc

    In the output produced by the above command, you can safely ignore any warnings and failures, but you must ensure the output lists "OK" after the name of the release file you downloaded. For example: bitcoin-0.17.0-x86_64-linux-gnu.tar.gz: OK

  5. Obtain a copy of the release signing key by running the following command:

    gpg --recv-keys 01EA5486DE18A882D4C2684590C8019E36C2E964

    The output of the command above should say that one key was imported, updated, has new signatures, or remained unchanged.

  6. Verify that the checksums file is PGP signed by the release signing key:
    gpg --verify SHA256SUMS.asc
  7. Check the output from the above command for the following text:

    1. A line that starts with: gpg: Good signature

    2. A complete line saying: Primary key fingerprint: 01EA 5486 DE18 A882 D4C2  6845 90C8 019E 36C2 E964

    The output from the verify command may contain a warning that the "key is not certified with a trusted signature." This means that to fully verify your download, you need to ask people you trust to confirm that the key fingerprint printed above belongs to the Bitcoin Core Project's release signing key.

Ubuntu PPA verification instructions

Ubuntu PPAs are not built using the same reproducible method used for the other Bitcoin Core packages listed on this page, so the Bitcoin Core project does not have the information necessary to help you verify the Bitcoin Core Ubuntu PPA packages. This situation is also described by the PPA itself:

"Note that you should prefer to use the official binaries, where possible, to limit trust in Launchpad/the PPA owner."

Additional verification with reproducible builds

Experienced users who don't mind performing additional steps can take advantage of Bitcoin Core's reproducible builds and the signed checksums generated by contributors who perform those builds.

  • Reproducible builds allow anyone with a copy of Bitcoin Core's MIT-licensed source code to build identical binaries to those distributed on this website (meaning the binaries will have the same cryptographic checksums as those provided by this website).

  • Verified reproduction is the result of multiple Bitcoin Core contributors each independently reproducing identical binaries as described above. These contributors cryptographically sign and publish the checksums of the binaries they generate.

Verifying that several contributors you trust all signed the same checksums distributed in the release checksums file will provide you with additional assurances over the preceding basic verification instructions. Alternatively, reproducing a binary for yourself will provide you with the highest level of assurance currently available. For more information, visit the project's repository of trusted build process signatures.


Bitcoin Core is a community-driven free software project, released under the open source MIT license.