Hull Signature Verifier

Two flows: verify a Hull release binary against the embedded release public key, OR verify a Hull-built app bundle (package.sig) against the embedded platform key. Ed25519 verification runs in your browser via vendored TweetNaCl. no upload, no telemetry.

Release binary

Tier 1 · release key

Drop the hull.sha256 manifest and its hull.sha256.sig from a GitHub release. Optionally drop the hull-* binary itself to confirm its SHA-256 matches the signed manifest.

hull.sha256

Drop hull.sha256 here

SHA-256 manifest of release artefacts

hull.sha256.sig

Drop hull.sha256.sig here

Ed25519 signature (128 hex chars)

Optional: release binary

Drop one or more hull-* binaries to verify their SHA-256

App bundle

Tiers 2 + 3 · platform + dev key

Drop a package.sig from a built Hull app (the inner half is signed by gethull.dev's platform key (the embedded one) and the outer half by the app developer's key). Optionally drop the APE binary and the developer's .pub file.

1. Signature

Drop package.sig here

(or hull.sig)

2. Binary (optional)

Drop APE binary here

Verifies binary hash

Developer Key

Provide the developer's public key to verify identity.

Or drop a .pub file here

All verification happens locally in your browser. No data leaves this page.