Release v0.17.3

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/negrunch.asc | gpg --import
curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/arkanoider.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest.txt.sig.negrunch, manifest.txt.sig.arkanoider and manifest.txt are in the current directory) with:

gpg --verify manifest.txt.sig.negrunch manifest.txt
gpg --verify manifest.txt.sig.arkanoider manifest.txt

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 1E41631D137BA2ADE55344F73852B843679AD6F0
gpg: Good signature from "Francisco Calderón <fjcalderon@gmail.com>" [ultimate]

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 2E986CA1C5E7EA1635CD059C4989CC7415A43AEC
gpg: Good signature from "Arkanoider <github.913zc@simplelogin.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed in v0.17.3

🐛 Bug Fixes

• fix: fix for bug introduced in 0.17.2 blocking range orders by @arkanoider in #705

💼 Other

• Update CHANGELOG for version 0.17.3 by @grunch

⚙️ Miscellaneous Tasks

• Release mostro version 0.17.3 by @grunch

Contributors

• @grunch made their contribution
• @arkanoider made their contribution in #705

Full Changelog: v0.17.2...v0.17.3

Release v0.17.2

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/negrunch.asc | gpg --import
curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/arkanoider.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest.txt.sig.negrunch, manifest.txt.sig.arkanoider and manifest.txt are in the current directory) with:

gpg --verify manifest.txt.sig.negrunch manifest.txt
gpg --verify manifest.txt.sig.arkanoider manifest.txt

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 1E41631D137BA2ADE55344F73852B843679AD6F0
gpg: Good signature from "Francisco Calderón <fjcalderon@gmail.com>" [ultimate]

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 2E986CA1C5E7EA1635CD059C4989CC7415A43AEC
gpg: Good signature from "Arkanoider <github.913zc@simplelogin.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed in v0.17.2

🚀 Features

• feat: add interactive setup wizard for first-time configuration by @AndreaDiazCorreia in #696

🐛 Bug Fixes

• fix: validate fiat_amount and amount in order_action by @mostronatorcoder[bot] in #702
• fix: prevent stale Order writes from causing duplicate payments by @Catrya in #692

💼 Other

• Update CHANGELOG for version 0.17.2 by @grunch
• Include solver_pubkey in restore disputes response by @BraCR10 in #690

⚙️ Miscellaneous Tasks

• Release mostro version 0.17.2 by @grunch

Contributors

• @grunch made their contribution
• @mostronatorcoder[bot] made their contribution in #702
• @AndreaDiazCorreia made their contribution in #696
• @Catrya made their contribution in #692
• @BraCR10 made their contribution in #690

Full Changelog: v0.17.1...v0.17.2

Release v0.17.1

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/negrunch.asc | gpg --import
curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/arkanoider.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest.txt.sig.negrunch, manifest.txt.sig.arkanoider and manifest.txt are in the current directory) with:

gpg --verify manifest.txt.sig.negrunch manifest.txt
gpg --verify manifest.txt.sig.arkanoider manifest.txt

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 1E41631D137BA2ADE55344F73852B843679AD6F0
gpg: Good signature from "Francisco Calderón <fjcalderon@gmail.com>" [ultimate]

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 2E986CA1C5E7EA1635CD059C4989CC7415A43AEC
gpg: Good signature from "Arkanoider <github.913zc@simplelogin.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed in v0.17.1

🚀 Features

• feat: publish exchange rates to Nostr by @mostronatorcoder[bot] in #685
• feat: include Mostro pubkey in order event source tag by @mostronatorcoder[bot] in #679
• feat: total remove of database encrytpion logic by @arkanoider in #676

💼 Other

• Update CHANGELOG for version 0.17.1 by @grunch
• Change default value of max_routing_fee by @grunch in #688
• Encryption removed by @arkanoider in #674

📚 Documentation

• docs: add branch protection rules documentation by @mostronatorcoder[bot] in #686
• refactor: split cross-kind y-tag changes into scoped follow-up PRs for s by @JiwaniZakir in #677

🧪 Testing

• test: add end-to-end y-tag emission coverage for order/info/dispute/admin/dev-fee events by @codaMW in #668

⚙️ Miscellaneous Tasks

• Release mostro version 0.17.1 by @grunch
• Improved github actions: bumped action for checkout and also MSRV version by @arkanoider in #687

Contributors

• @grunch made their contribution
• @arkanoider made their contribution in #687
• @mostronatorcoder[bot] made their contribution in #686
• @JiwaniZakir made their contribution in #677
• @codaMW made their contribution in #668

Full Changelog: v0.17.0...v0.17.1

Release v0.17.0

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/negrunch.asc | gpg --import
curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/arkanoider.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest.txt.sig.negrunch, manifest.txt.sig.arkanoider and manifest.txt are in the current directory) with:

gpg --verify manifest.txt.sig.negrunch manifest.txt
gpg --verify manifest.txt.sig.arkanoider manifest.txt

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 1E41631D137BA2ADE55344F73852B843679AD6F0
gpg: Good signature from "Francisco Calderón <fjcalderon@gmail.com>" [ultimate]

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 2E986CA1C5E7EA1635CD059C4989CC7415A43AEC
gpg: Good signature from "Arkanoider <github.913zc@simplelogin.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed in v0.17.0

💼 Other

• Update CHANGELOG for version 0.17.0 by @grunch

🚜 Refactor

• refactor: remove from_globals() and construct AppContext explicitly (#656 PR F) by @mostronatorcoder[bot] in #672
• refactor: add keys to AppContext (#656 PR E) by @mostronatorcoder[bot] in #670
• refactor: migrate scheduler to AppContext (#656 PR D) by @mostronatorcoder[bot] in #667
• refactor: remove global accesses from handler paths (#656 PR C) by @mostronatorcoder[bot] in #666
• refactor: simplify dispatcher by removing pool parameter (#656 PR B) by @mostronatorcoder[bot] in #665
• refactor: remove legacy DI wrapper signatures (#656 PR A) by @mostronatorcoder[bot] in #663

📚 Documentation

• docs: update architecture docs for DI migration (#656) by @mostronatorcoder[bot] in #673

⚙️ Miscellaneous Tasks

• Release mostro version 0.17.0 by @grunch

Contributors

• @grunch made their contribution
• @mostronatorcoder[bot] made their contribution in #673

Full Changelog: v0.16.5...v0.17.0

Release v0.16.5

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/negrunch.asc | gpg --import
curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/arkanoider.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest.txt.sig.negrunch, manifest.txt.sig.arkanoider and manifest.txt are in the current directory) with:

gpg --verify manifest.txt.sig.negrunch manifest.txt
gpg --verify manifest.txt.sig.arkanoider manifest.txt

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 1E41631D137BA2ADE55344F73852B843679AD6F0
gpg: Good signature from "Francisco Calderón <fjcalderon@gmail.com>" [ultimate]

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 2E986CA1C5E7EA1635CD059C4989CC7415A43AEC
gpg: Good signature from "Arkanoider <github.913zc@simplelogin.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed in v0.16.5

💼 Other

• Update CHANGELOG for version 0.16.5 by @grunch
• Adding instance name to "y" tags by @sergey3bv in #653

🚜 Refactor

• refactor: complete phase-5 handler DI migration to AppContext (#639) by @mostronatorcoder[bot] in #657
• refactor: wire AppContext into dispatcher and migrate cancel module (#639 phase 2) by @mostronatorcoder[bot] in #652
• refactor: add AppContext struct for dependency injection (#639 phase 1) by @mostronatorcoder[bot] in #651
• refactor: remove password infrastructure and all encryption code paths by @mostronatorcoder[bot] in #647
• refactor: remove dual encrypted/unencrypted code paths in db.rs by @mostronatorcoder[bot] in #646
• refactor: remove encryption from app layer and util by @mostronatorcoder[bot] in #645
• refactor: add --decrypt-db CLI command for database migration by @mostronatorcoder[bot] in #644
• refactor: add deprecation warning for MOSTRO_DB_PASSWORD by @mostronatorcoder[bot] in #643

🧪 Testing

• test: add phase-4 cancel unit tests using AppContext builder (#639) by @mostronatorcoder[bot] in #655
• test: add phase-3 mock test context utilities for AppContext (#639) by @mostronatorcoder[bot] in #654
• test: add 28 mutation testing tests for db module by @mostronatorcoder[bot] in #640

⚙️ Miscellaneous Tasks

• Release mostro version 0.16.5 by @grunch
• ci: make PR mutation testing opt-in via label by @mostronatorcoder[bot] in #648

◀️ Revert

• revert: logical revert of PR #617 targeted update behavior by @mostronatorcoder[bot] in #659

Contributors

• @grunch made their contribution
• @sergey3bv made their contribution in #653
• @mostronatorcoder[bot] made their contribution in #659

Full Changelog: v0.16.4...v0.16.5

Release v0.16.4

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/negrunch.asc | gpg --import
curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/arkanoider.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest.txt.sig.negrunch, manifest.txt.sig.arkanoider and manifest.txt are in the current directory) with:

gpg --verify manifest.txt.sig.negrunch manifest.txt
gpg --verify manifest.txt.sig.arkanoider manifest.txt

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 1E41631D137BA2ADE55344F73852B843679AD6F0
gpg: Good signature from "Francisco Calderón <fjcalderon@gmail.com>" [ultimate]

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 2E986CA1C5E7EA1635CD059C4989CC7415A43AEC
gpg: Good signature from "Arkanoider <github.913zc@simplelogin.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed in v0.16.4

🚀 Features

• feat: add days field to user rating event (kind 38384) by @Catrya in #625
• feat: implement mutation testing for Rust codebase quality assurance by @mostronatorcoder[bot] in #619
• feat: added latest tag to both mostro docker versions by @arkanoider in #610
• feat: add expiration to rating events (kind 38384) by @mostronatorcoder[bot] in #612

🐛 Bug Fixes

• fix: use targeted SQL updates in check_failure_retries and payment_success by @Catrya in #617
• fix: prevent duplicate dev fee payments via idempotency check by @mostronatorcoder[bot] in #622
• fix: use expiration settings instead of hardcoded 24h for order events by @mostronatorcoder[bot] in #614
• fix: close active dispute when seller releases funds by @Mostrica in #606

💼 Other

• Update CHANGELOG for version 0.16.4 by @grunch
• Deduplicate db test helpers by @grunch in #629
• Automated badge for toolchain and version in README.md by @arkanoider in #628
• Fix restore session dispute initiator by @BraCR10 in #599

🚜 Refactor

• refactor: extract dev fee logic into dedicated module by @arkanoider in #627

📚 Documentation

• docs: fix inconsistent pubkey format in rating and info event examples by @mostronatorcoder[bot] in #615

⚙️ Miscellaneous Tasks

• Release mostro version 0.16.4 by @grunch

Contributors

• @grunch made their contribution
• @arkanoider made their contribution in #627
• @Catrya made their contribution in #617
• @mostronatorcoder[bot] made their contribution in #622
• @BraCR10 made their contribution in #599
• @Mostrica made their contribution in #606

Full Changelog: v0.16.3...v0.16.4

Release v0.16.3

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/negrunch.asc | gpg --import
curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/arkanoider.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest.txt.sig.negrunch, manifest.txt.sig.arkanoider and manifest.txt are in the current directory) with:

gpg --verify manifest.txt.sig.negrunch manifest.txt
gpg --verify manifest.txt.sig.arkanoider manifest.txt

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 1E41631D137BA2ADE55344F73852B843679AD6F0
gpg: Good signature from "Francisco Calderón <fjcalderon@gmail.com>" [ultimate]

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 2E986CA1C5E7EA1635CD059C4989CC7415A43AEC
gpg: Good signature from "Arkanoider <github.913zc@simplelogin.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed in v0.16.3

🚀 Features

• feat(docker): plain image, settings.tpl.toml, StartOS as mostro-startos by @arkanoider in #597

🐛 Bug Fixes

• fix: prevent buyer_invoice leak to seller in DM payloads by @Catrya in #609

💼 Other

• Update CHANGELOG for version 0.16.3 by @grunch
• Add configurable per-kind event expiration to prevent storage bloat by @mostronator in #603
• Fix Docker DB password startup flow by @grunch in #604

⚙️ Miscellaneous Tasks

• Release mostro version 0.16.3 by @grunch

Contributors

• @grunch made their contribution
• @Catrya made their contribution in #609
• @mostronator made their contribution in #603
• @arkanoider made their contribution in #597

Full Changelog: v0.16.2...v0.16.3

Release v0.16.2

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/negrunch.asc | gpg --import
curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/arkanoider.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest.txt.sig.negrunch, manifest.txt.sig.arkanoider and manifest.txt are in the current directory) with:

gpg --verify manifest.txt.sig.negrunch manifest.txt
gpg --verify manifest.txt.sig.arkanoider manifest.txt

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 1E41631D137BA2ADE55344F73852B843679AD6F0
gpg: Good signature from "Francisco Calderón <fjcalderon@gmail.com>" [ultimate]

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 2E986CA1C5E7EA1635CD059C4989CC7415A43AEC
gpg: Good signature from "Arkanoider <github.913zc@simplelogin.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed in v0.16.2

🐛 Bug Fixes

• fix: prevent redundant LND queries for confirmed dev fee payments by @mostronator in #586
• fix: check LN payment status before resetting on dev fee timeout by @mostronator in #582
• fix: prevent duplicate dev fee payment on timeout by @mostronator in #584
• fix: add rate limiting to ValidateDbPassword RPC endpoint by @mostronator in #580
• fix: close active dispute when order is cooperatively canceled by @mostronator in #578

💼 Other

• Update CHANGELOG for version 0.16.2 by @grunch
• update readme: add mostrix and mobile client, remove mostro-web by @Catrya in #576

📚 Documentation

• docs: add fenced code block language specifier guideline to AGENTS.md by @mostronator in #579

⚙️ Miscellaneous Tasks

• Release mostro version 0.16.2 by @grunch
• chore: update Rust toolchain from 1.90.0 to 1.93.0 by @mostronator in #581

Contributors

• @grunch made their contribution
• @mostronator made their contribution in #586
• @Catrya made their contribution in #576

Full Changelog: v0.16.1...v0.16.2

Release v0.16.1

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/negrunch.asc | gpg --import
curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/arkanoider.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest.txt.sig.negrunch, manifest.txt.sig.arkanoider and manifest.txt are in the current directory) with:

gpg --verify manifest.txt.sig.negrunch manifest.txt
gpg --verify manifest.txt.sig.arkanoider manifest.txt

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 1E41631D137BA2ADE55344F73852B843679AD6F0
gpg: Good signature from "Francisco Calderón <fjcalderon@gmail.com>" [ultimate]

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 2E986CA1C5E7EA1635CD059C4989CC7415A43AEC
gpg: Good signature from "Arkanoider <github.913zc@simplelogin.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed in v0.16.1

🚀 Features

• feat: Publish NIP-01 Kind 0 metadata on startup by @grunch in #575

💼 Other

• Update CHANGELOG for version 0.16.1 by @grunch
• Inconsistent Version Tag Format in CHANGELOG by @grunch
• Missing Admin Participant Declaration in Mermaid Diagram by @grunch

📚 Documentation

• docs: Remove hardcoded line numbers and add guideline against them by @grunch in #573
• docs: Fix dev_fee calculation timing contradictions in DEV_FEE.md by @grunch in #571

⚙️ Miscellaneous Tasks

• Release mostro version 0.16.1 by @grunch

Contributors

• @grunch made their contribution

Full Changelog: v0.16.0...v0.16.1

Release v0.16.0

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/negrunch.asc | gpg --import
curl https://raw.githubusercontent.com/MostroP2P/mostro/main/keys/arkanoider.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest.txt.sig.negrunch, manifest.txt.sig.arkanoider and manifest.txt are in the current directory) with:

gpg --verify manifest.txt.sig.negrunch manifest.txt
gpg --verify manifest.txt.sig.arkanoider manifest.txt

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 1E41631D137BA2ADE55344F73852B843679AD6F0
gpg: Good signature from "Francisco Calderón <fjcalderon@gmail.com>" [ultimate]

gpg: Signature made fri 10 oct 2025 11:28:03 -03
gpg:                using RSA key 2E986CA1C5E7EA1635CD059C4989CC7415A43AEC
gpg: Good signature from "Arkanoider <github.913zc@simplelogin.com>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed in v0.16.0

🚀 Features

• feat: Separate Nostr event kinds for orders, ratings, info, and disputes by @grunch in #566

💼 Other

• Update CHANGELOG for version 0.16.0 by @grunch
• Small fix on readme by @grunch
• Update readme by @grunch in #564
• Include dispute initiator in Nostr dispute events by @arkanoider in #563

⚙️ Miscellaneous Tasks

• Release mostro version 0.16.0 by @grunch

Contributors

• @grunch made their contribution
• @arkanoider made their contribution in #563

Full Changelog: v0.15.6...v0.16.0