PDF Changer

Donation trust center

Beginner-first and technical verification flow for donation addresses.

Trust status
Proof ID: 2026-03-01-main
Published: 2026-03-01 00:00:00 UTC
Valid from: 2026-03-01 00:00:00 UTC
Last verified: 2026-03-01 00:00:00 UTC

Quick verify (beginner path)

  1. Download the statement, signature, and signing key files.
  2. Import key, then run verify command shown below.
  3. Confirm the fingerprint exactly matches the pinned value.
gpg --import donate-proof/v1/signing-key.asc
gpg --verify donate-proof/v1/addresses.txt.asc donate-proof/v1/addresses.txt
Expected pass outcome: Good signature and exact fingerprint match. If either fails, do not donate.

Verification files

File SHA-256 Size
/donate-proof/v1/addresses.txt e53a0a753807fc5fea896b0525d70fca05ca04b7a24634f89c57c8037c2ea0fc 736
/donate-proof/v1/addresses.txt.asc 57177b542fb8703bf7c9d1c175c70e5c797a3a14e0491681a9a1c1d111ba1e71 455
/donate-proof/v1/signing-key.asc a8785e2f07c0800fc3ee758cbe78b78cf1cc21db3de47217839a4c94671d21ff 474
/donate-proof/v1/README.txt b80dda16172a2eb2706829e159b59b38bd6515099b125ee8d538657f60d2f118 753
Statement · Signature · Manifest · Signing key · README

Key identity

Fingerprint: 9A6E8E58D9D5F39E3FAE6F53A4C71C62C5B5E941
Key ID: A4C71C62C5B5E941
Algorithm: RSA-4096
First seen: 2026-02-20 00:00:00 UTC
Rotation policy: old keys remain available in archive with retirement or revocation notes.

Advanced verification

Linux/macOS commands 
curl -O /donate-proof/v1/addresses.txt
curl -O /donate-proof/v1/addresses.txt.asc
curl -O /donate-proof/v1/signing-key.asc
gpg --import donate-proof/v1/signing-key.asc
gpg --verify donate-proof/v1/addresses.txt.asc donate-proof/v1/addresses.txt
Windows commands 
curl.exe -O /donate-proof/v1/addresses.txt
curl.exe -O /donate-proof/v1/addresses.txt.asc
curl.exe -O /donate-proof/v1/signing-key.asc
gpg --import donate-proof/v1/signing-key.asc
gpg --verify donate-proof/v1/addresses.txt.asc donate-proof/v1/addresses.txt
Offline workflow: download files, disconnect network, run GPG verification locally.

If verification fails

  • Stop. Do not send funds.
  • Do not trust screenshots or copied social-media addresses.
  • Reload the official domain and repeat verification.
  • Check status page for key rotation notes.

Common scam patterns

  • Screenshot address replacement or edited chat screenshots.
  • Mirror domains serving stale proof bundles from old cache.
  • Clipboard malware replacing pasted wallet addresses.
  • Lookalike domain names with fake "verified" badges.

Threat model and limits

This proof model protects against silent address replacement and stale artifact confusion. It does not protect against compromised devices, malicious extensions, or phishing domains that users trust manually.

Address list in current proof

Network Address
Bitcoin (BTC) bc1qpdfchangerexample8h4x4n7qk0r6xw2f6f0p7m3q9a
Ethereum (ETH) 0x7E57f6BfA3f8e7864A6f5F0469C88b3d4A58cB2E
Monero (XMR) 89aJ9N9dYcXPPDFChangerExampleYwR9FoJ8jCQ4fVQk3v7eML6zvQxR1VdAayhE2qkGgKV9Yv7QzYt8fYXs5U7nYmxnq6Gr3m

Archive links

Open proof archive for prior proofs, old keys, and revocation history.