Download

Latest release: 1.8.4  Previous releases and changelog

Sparrow Desktop

Sparrow Desktop is the fully featured desktop application. For headless systems, use Sparrow Server below.

Type Link
macOS (Intel) (10.13+) Sparrow-1.8.4-x86_64.dmg
macOS (Apple M1/M2) Sparrow-1.8.4-aarch64.dmg
Windows Installer (7+) Sparrow-1.8.4.exe
Windows Standalone (7+) Sparrow-1.8.4.zip
Linux (Intel/AMD) (Ubuntu/Debian) sparrow_1.8.4-1_amd64.deb
Linux (Intel/AMD) (Redhat/CentOS) sparrow-1.8.4-1.x86_64.rpm
Linux (Intel/AMD) Standalone sparrow-1.8.4-x86_64.tar.gz
Linux (ARM64) (Ubuntu/Debian) sparrow_1.8.4-1_arm64.deb
Linux (ARM64) (Redhat/CentOS) sparrow-1.8.4-1.aarch64.rpm
Linux (ARM64) Standalone sparrow-1.8.4-aarch64.tar.gz
Manifest Signature sparrow-1.8.4-manifest.txt.asc
Manifest sparrow-1.8.4-manifest.txt

Sparrow Server

Sparrow Server builds are intended for systems without displays (headless platforms). Note the .deb and .rpm packages install to /opt/sparrow.

Type Link
Linux (Intel/AMD) (Ubuntu/Debian) sparrow-server_1.8.4-1_amd64.deb
Linux (Intel/AMD) (Redhat/CentOS) sparrow-server-1.8.4-1.x86_64.rpm
Linux (Intel/AMD) Standalone sparrow-server-1.8.4-x86_64.tar.gz
Linux (ARM64) (Ubuntu/Debian) sparrow-server-1.8.4-1_arm64.deb
Linux (ARM64) (Redhat/CentOS) sparrow-server-1.8.4-1.aarch64.rpm
Linux (ARM64) Standalone sparrow-server-1.8.4-aarch64.tar.gz
Manifest Signature sparrow-1.8.4-manifest.txt.asc
Manifest sparrow-1.8.4-manifest.txt

Verifying the Release

For all Bitcoin software, it’s a particularly important security step to verify the release. This is done to ensure the installation file you download has not been compromised.

Sparrow 1.8.3 or later

If you have Sparrow 1.8.3 or later, this is simple to do using Sparrow itself. Just download the following 3 files to the same folder (for example, your Downloads folder):

Drag and drop any of these files onto Sparrow, and the Verify Download dialog will open and verify your download. You can also open the Verify Download dialog from the Tools menu.

Signed By: CheckCraig Raw <craig@sparrowwallet.com> on Thu Mar 7 18:47:57 2024 SAST
Release Hash: CheckMatched manifest hash
Verified: CheckReady to install Sparrow-1.8.4-aarch64.dmg

You can also use this tool to verify other software, like Bitcoin Core or the firmware for a hardware wallet.

Earlier releases

With earlier versions of Sparrow, you’ll need to have gpg or gpg2 installed on your system (see here for macOS or Windows, on Linux it’s preinstalled). Once you’ve installed gpg, you’ll need to use the command line. You can do this by opening Terminal.app in macOS, or Start > Run > cmd in Windows.

First, import the keys that have signed this release (if you haven’t done so already, or if a previously imported key has expired):

curl https://keybase.io/craigraw/pgp_keys.asc | gpg --import

Once you have the required PGP keys, you can verify the release. Download sparrow-1.8.4-manifest.txt and sparrow-1.8.4-manifest.txt.asc from the table above to the same directory (for example, your Downloads directory). Then verify the manifest file with:

cd Downloads
gpg --verify sparrow-1.8.4-manifest.txt.asc

You should see the following if the verification was successful (your timezone may differ):

gpg: assuming signed data in 'sparrow-1.8.4-manifest.txt'
gpg: Signature made Thu Mar 7 18:47:57 2024 SAST
gpg:                using RSA key D4D0D3202FC06849A257B38DE94618334C674B40
gpg: Good signature from "Craig Raw <craig@sparrowwallet.com>" [unknown]

Note that you may get a message similar to the following:

gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.

This simply means that you have not explicitly marked the public key as trusted in your own instance of GPG. In this case it is good practice to check the key against other sources, for example https://keybase.io/craigraw (click on the link next to the key icon to see the full public key). You can read more about validating keys in the GnuPG Privacy Handbook.

You have now verified the signature of the manifest file, which ensures integrity and authenticity of the manifest file - not the binaries! Next, depending on your operating system, you must re-compute the sha256 hash of the archive with shasum -a 256 <filename>. First, download the installation for your operating system (if you haven’t done so already). Then follow the steps below to compare it with the corresponding one in the manifest file, and ensure they match exactly. For example:

macOS

shasum --check sparrow-1.8.4-manifest.txt --ignore-missing
Sparrow-1.8.4.dmg: OK

Note: Older versions of macOS (pre v11) don’t support --ignore-missing. You can leave it out and ignore the missing files reported.

Linux

sha256sum --check sparrow-1.8.4-manifest.txt --ignore-missing
sparrow_1.8.4-1_amd64.deb: OK

Windows

CertUtil -hashfile Sparrow-1.8.4.exe SHA256 | findstr /v "hash"
Compare result to the appropriate value in sparrow-1.8.4-manifest.txt!

With all these steps complete you can be certain of the integrity of your download and can proceed to install!

If you are still struggling, watch this tutorial which covers the same process on macOS. There are also written tutorials for Windows and Ubuntu.

Installation

Sparrow should be installed as normal for your operating system.

Note that on QubesOS, you will need to run the following command first:

sudo mkdir /usr/share/desktop-directories/

Upgrading

Sparrow stores all wallets and settings separately from the installation in the Sparrow home folder. It is safe to uninstall Sparrow, or to upgrade the installation without risking your data. Make sure to close the application first.