Hacker News new | ask | show | jobs
by jpdaigle 1921 days ago
The one time I've tried doing this sort of "publish hash first, plaintext later" scheme, verification was hard because the hashing is vulnerable to whether or not the reader adds a newline after the text, a CR vs a CRLF, etc.
2 comments
renewiltord 1921 days ago
I think the best way is to post the command. So what I do is post

    printf "Hello World" | sha256sum
link
ssimono 1920 days ago
There is a /raw endpoint to make it easy. On a released pok you can do curl <pok-url>/raw | sha256sum
link