From 6b9d1705822b303c5f078880759555437ed8b5ff Mon Sep 17 00:00:00 2001
From: Wroclaw <wroclaw223@outlook.com>
Date: Sun, 17 Mar 2024 17:12:51 +0100
Subject: electrum: updater: use keys from source github repository

---
 pkgs/applications/misc/electrum/update.nix | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/pkgs/applications/misc/electrum/update.nix b/pkgs/applications/misc/electrum/update.nix
index 7a0fb8fd3eb6..509a64378088 100644
--- a/pkgs/applications/misc/electrum/update.nix
+++ b/pkgs/applications/misc/electrum/update.nix
@@ -4,6 +4,7 @@
 , bash
 , coreutils
 , curl
+, fetchurl
 , gnugrep
 , gnupg
 , gnused
@@ -13,7 +14,22 @@
 let
   downloadPageUrl = "https://download.electrum.org";
 
-  signingKeys = ["6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6"];
+  signingKeys = lib.lists.map fetchurl [
+    {
+      url = "https://github.com/spesmilo/electrum/raw/master/pubkeys/Emzy.asc";
+      hash = "sha256-QG0cM6AKlSKFacVlhcso/xvrooUdF7oqoppyezt0hjE=";
+    }
+    {
+      url = "https://github.com/spesmilo/electrum/raw/master/pubkeys/ThomasV.asc";
+      hash = "sha256-37ApVZlI+2EevxQIKXVKVpktt1Ls3UbWq4dfio2ORdo=";
+    }
+    {
+      url = "https://github.com/spesmilo/electrum/raw/master/pubkeys/sombernight_releasekey.asc";
+      hash = "sha256-GgdPJ9TB5hh5SPCcTZURfqXkrU4qwl0dCci52V/wpdQ=";
+    }
+  ];
+
+  gpgImportPaths = lib.concatStringsSep " " signingKeys;
 in
 
 writeScript "update-electrum" ''
@@ -48,7 +64,7 @@ sigFile=$srcFile.asc
 export GNUPGHOME=$PWD/gnupg
 mkdir -m 700 -p "$GNUPGHOME"
 
-gpg --batch --recv-keys ${lib.concatStringsSep " " (map (x: "'${x}'") signingKeys)}
+gpg --batch --import ${gpgImportPaths}
 gpg --batch --verify "$sigFile" "$srcFile"
 
 sha256=$(nix-prefetch-url --type sha256 "file://$PWD/$srcFile")
-- 
cgit 1.4.1