Algorand will be cryptographically signing source and binary releases as part of ensuring a trustworthy secure process. The [email protected] public key can be used to verify git tags, source releases, and most binary releases. The [email protected] public key can be used to verify rpm packages.
Algorand takes the security of the platform and of its users very seriously. To learn more about our programs for submitting a security vulnerability, please visit https://www.algorand.com/resources/security