Daedalus auto-update to 5.0.0 was unsigned (Windows 11)

Hi,

Some hours ago, I opened my Daedalus wallet and it needed an update to version 5.0.0.
I checked the box and allowed the updating process as usual.

But this time, Windows 11 prompted me with an unsigned authorization to continue.
Every other update was always signed by IOHK.
At first I declined, then I relaunched Daedalus 4.11.0 and allowed the wallet to update itself. Again, it was unsigned. I told myself it’s coming from the wallet and from IOHK so it should be safe and I finally approved the Windows prompt.

Rest of the update worked as usual and the freshly updated Daedalus seems to run fine. I stopped the wallet during sync since my anxiety was growing.

Now I’m really worried, am I right?
Did anyone have this unsigned update problem too?
I’ve sent an email to the IOHK support team to know more about this case.

Happened to me as well on Win 11.
Signature changed from Input Output HK Limited to IOG Singapore PTE Ltd.
Checked everything and it seems fine.

1 Like

Thank you for your reply Xpriens.

I also noticed this change in the signature name with the manually downloaded Daedalus 5.0.0 installer. It was not a concern for me. What was worrying me is that I was prompted with an unsigned installation using the auto-update within Daedalus 4.11.0 and I allowed it to proceed on the second try.

Thinking my setup could have been compromised, I opened this topic.

I had a quick answer from the IOHK support team.
The Daedalus auto-update was displayed as unsigned because I did not complete all the Windows 11 updates before updating the wallet.

I thought I had them all installed but it turns out I was wrong, because the Windows update queue had to be refreshed between each restart to show the next updates.

To be more precise, I installed:

  • KB5017497
  • KB5012170
  • KB5017328

Then I launched Daedalus thinking I was good.
Daedalus auto-update prompted me with an unsigned installation.

After the IOHK support answer, I saw several new Windows updates:

  • KB5017859
  • version 22H2 for x64 (KB5017271)
  • KB5017389

The 22H2 version seems to modify the way signing methods are recognized on Windows 11, so it should explain the issue I had.

I had all the updates and I still got the unsigned message.
Even though I checked the file and it seemed good, I deleted it and downloaded the setup file from the Daedalus wallet site to manually upgrade. After running it I didn’t get the unsigned message.

1 Like

By the way, I would feel safer if Daedalus had an extra step to check the integrity of all the installed files it uses at the beginning of the launch.

SHA256 checksum is fine when we download the installer from the official website but it’s irrelevant when using the auto-update feature.

1 Like

It’s disturbing. Maybe we were on a wrong path with the IOHK support in our search for an explanation.

I think they possibly missed something on the Daedalus auto-update 4.11.0 to 5.0.0 for their Windows 11 client. But in that case, it’s strange there aren’t more users worried about this problem.

Following your last message I uninstalled Daedalus and reinstalled it using the file manually downloaded from their official website with good SHA256 checksum and recognized signature.

1 Like
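
The two checks discussed in this thread (Authenticode signature and SHA256 checksum) can be run by hand on any installer file before approving the Windows prompt. The script below is an added example, not part of any post above and not IOHK's code; the parameter names are hypothetical, the expected hash must be copied from the official download page, and the publisher names are the two quoted in this thread.

```powershell
# Added example: verify an installer's SHA256 and Authenticode signer before running it.
param(
    [Parameter(Mandatory)] [string] $InstallerPath,   # hypothetical name: file to check
    [Parameter(Mandatory)] [string] $ExpectedSha256   # value published on the official site
)

# Publisher names as quoted in this thread; confirm them with the vendor before relying on them.
$ExpectedPublishers = @('Input Output HK Limited', 'IOG Singapore PTE Ltd')
$problems = @()

# 1. File hash against the published checksum (-ne ignores letter case for strings).
$actualHash = (Get-FileHash -LiteralPath $InstallerPath -Algorithm SHA256).Hash
if ($actualHash -ne $ExpectedSha256.Trim()) {
    $problems += "SHA256 mismatch: got $actualHash"
}

# 2. Authenticode status: 'Valid' means the file is unmodified since signing
#    and the certificate chains to a root this machine trusts.
$sig = Get-AuthenticodeSignature -FilePath $InstallerPath
if ($sig.Status -ne 'Valid') {
    $problems += "Signature status is '$($sig.Status)': $($sig.StatusMessage)"
}

# 3. Signer identity: a valid signature from an unexpected publisher is still a failure.
$publisher = $null
if ($sig.SignerCertificate) {
    $nameType  = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    $publisher = $sig.SignerCertificate.GetNameInfo($nameType, $false)
    if ($publisher -notin $ExpectedPublishers) {
        $problems += "Unexpected publisher: '$publisher'"
    }
} else {
    $problems += 'No signer certificate present (file is unsigned).'
}

# Summary for the record, including the thumbprint to compare between versions.
[pscustomobject]@{
    File       = $InstallerPath
    Sha256     = $actualHash
    Status     = $sig.Status
    Publisher  = $publisher
    Thumbprint = if ($sig.SignerCertificate) { $sig.SignerCertificate.Thumbprint } else { $null }
    Problems   = $problems -join '; '
} | Format-List

if ($problems.Count -gt 0) { exit 1 }
```

A non-zero exit code means at least one check failed; the `Problems` field says which one, which separates "file is unsigned" from "signed, but by a publisher name that changed".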