Description
Signs files and verifies digital signatures with a small command-line workflow. It helps confirm that a downloaded file really came from the expected signer and was not changed after signing.
Use it when a project publishes minisign public keys or signature files. Signature checks only prove trust when the public key itself came from a reliable source.