verifying files with gpg kind of sucks, right? i've started bridging gpg verified files to nostr to make it easier. just drop a file in https://verify.tinfoilhash.com and you're on your way, starting with the following packages: - bitcoin core - coldcard by @56172b53…17ee96e0 @e88a691e…27850411 - seedsigner by @f2c96c97…6799d400 - sparrow by @be7a5291…514f08e6 the hope is that the authors of these packages start signing and publishing directly with their own nostr identity. until then, the bridging code is fully open source and auditable, so you can decide whether to trust me or not: https://github.com/tinfoilhash/verify-from-gpg