From ca061b80090b2a7e1634a3f28141a559d2af4782 Mon Sep 17 00:00:00 2001
From: HenrikJannsen <boilingfrog@gmx.com>
Date: Mon, 24 Jul 2023 23:43:01 +0200
Subject: [PATCH] Extract 3 sections from the release notes as markdown pages.
 The release notes page is quite a lot of text and linking to those md files
 seems a better approach.

Update slightly the text where appropriate.

Signed-off-by: HenrikJannsen <boilingfrog@gmx.com>
---
 docs/api-overview.md                   | 32 +++++++++++++++
 docs/known-issues-with-installation.md | 55 ++++++++++++++++++++++++++
 docs/verify-download-files.md          | 42 ++++++++++++++++++++
 3 files changed, 129 insertions(+)
 create mode 100644 docs/api-overview.md
 create mode 100644 docs/known-issues-with-installation.md
 create mode 100644 docs/verify-download-files.md

diff --git a/docs/api-overview.md b/docs/api-overview.md
new file mode 100644
index 00000000000..79711077609
--- /dev/null
+++ b/docs/api-overview.md
@@ -0,0 +1,32 @@
+## API overview
+
+Starting with v1.9.0 you can use pre-built versions of the Bisq cli (bisq-cli-v1.9.11.zip) and Bisq daemon (
+bisq-daemon-v1.9.11.zip) to use Bisq without touching the user interface.
+
+Just download the archives and extract them locally. You have to run the daemon to access the local Bisq daemon API
+endpoints.
+
+To run daemon.jar on Mainnet:
+
+`$ java -jar daemon.jar --apiPassword=becareful`
+
+If you just want to control your headless daemon within your terminal you have to run the Bisq cli as well.
+Again just download the bisq-cli archive and extract it locally.
+To call getversion from cli.jar
+
+`$ java -jar cli.jar --password=becareful getversion`
+
+You can use the Bisq API to access local Bisq daemon API endpoints, which provide a subset of the Bisq Desktop
+application's feature set: check balances, transfer BTC and BSQ, create payment accounts, view offers, create and take
+offers, and execute trades.
+
+The Bisq API is based on the gRPC framework, and any supported gRPC language binding can be used to call Bisq API
+endpoints.
+
+You'll find in-depth documentation and examples under following link: https://bisq-network.github.io/slate/#introduction
+
+Bisq gRPC API reference documentation example source code is hosted on GitHub
+at https://github.com/bisq-network/bisq-api-reference. Java and Python developers interested in bot development may find
+this Intellij project useful for running the existing examples, and writing their own bots.
+
+For additional developer support please join Development - Bisq v1 on Matrix.
diff --git a/docs/known-issues-with-installation.md b/docs/known-issues-with-installation.md
new file mode 100644
index 00000000000..936f487f934
--- /dev/null
+++ b/docs/known-issues-with-installation.md
@@ -0,0 +1,55 @@
+## Known issues with installation
+
+### macOS:
+
+We removed notarization from our build pipeline because of the risk of Apple certification revocation (
+see https://github.com/bisq-network/bisq/discussions/6341). Unfortunately this will require extra steps when installing
+Bisq on macOS.
+
+Please follow the guide at https://support.apple.com/en-us/HT202491 in the section If you want to open an app that
+hasn't been notarized or is from an unidentified developer
+
+If you are running already macOS Ventura (13.0+) you need to do following to be able to start Bisq:
+
+Enter following command in Apple Terminal `sudo xattr -rd com.apple.quarantine /Applications/Bisq.app`
+hit enter, and you will be prompted to enter your password to be able to execute the command as super user
+
+### Windows:
+
+We removed the developer code signing for the same reason mentioned above.
+For Windows you just have to ignore the warning after you have verified the installation file yourself and proceed with
+the installation.
+
+There is a known issue with Anti Virus software. We got several reports from users running into different problems.
+Either the AV software blocks Bisq or Tor, delete files in the data directory [2] or app directory [1] or cause such a
+long delay at startup that Tor gets terminated and a file remains locked which can cause that Bisq cannot be started
+afterwards. To resolve that you need to restart Windows then the lock get released. We are working on solutions to fix
+those issues.
+
+If you use Crypto currencies on your Windows system be aware that Windows is much more vulnerable to malware than Linux
+or OSX. Consider to use a dedicated non-Windows system when dealing with cryptocurrencies.
+
+### Linux:
+
+Hint for Debian users:
+If you have problems starting Bisq on Debian use: `/opt/bisq/bin/Bisq`
+
+If your Linux distro does not support `.deb` files please follow this instruction:
+
+```
+cd ~/Downloads
+mkdir tmp
+cd tmp
+ar x ../Bisq-64bit-1.9.11.deb
+sudo tar Jxvf data.tar.xz
+sudo cp -rp opt/Bisq /opt/
+```
+
+That instruction is not tested on many different distros. If you encounter problems please report it in a Github issue
+so we can improve it.
+
+[1] Application directory (contains application installation files):
+C:\Users<username>\AppData\Local\Bisq
+
+[2] Data directory (contains all Bisq data including wallet):
+C:\Users<username>\AppData\Roaming\Bisq\btc_mainnet\tor (you can delete everything except the hiddenservice directory)
diff --git a/docs/verify-download-files.md b/docs/verify-download-files.md
new file mode 100644
index 00000000000..b2213371c44
--- /dev/null
+++ b/docs/verify-download-files.md
@@ -0,0 +1,42 @@
+## Verification of Bisq updates
+
+If you have Bisq already installed it is best to update from inside the Bisq application and let Bisq perform the
+signature verification. The Bisq application contains the PGP keys used for signing and those will be compared to the
+signing key from the Github download page and the Bisq webpage. This provides an additional layer of security compared
+to downloading and verifying it via the Github page only.
+
+For a detailed description on how to verify your Bisq installer please have a look at our
+wiki: https://bisq.wiki/Downloading_and_installing#Verify_installer_file
+
+### Signing key
+
+Url of the signing key (Alejandro García): https://bisq.network/pubkey/E222AA02.asc
+Full fingerprint:
+
+`B493 3191 06CC 3D1F 252E  19CB F806 F422 E222 AA02`
+
+### Import the key:
+
+`curl https://bisq.network/pubkey/E222AA02.asc | gpg --import`
+
+GPG prints a confusion warning: "This key is not certified with a trusted signature!". You can ignore that or read up
+at https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key for background information what it means.
+
+### How to verify signatures?
+
+`gpg --digest-algo SHA256 --verify BINARY{.asc*,}`
+
+Replace BINARY with the file you downloaded (e.g. Bisq-1.9.11.dmg)
+
+### Verify jar file inside binary:
+
+You can verify on OSX the jar file with:
+
+`shasum -a256 [PATH TO BISQ APP]/Bisq.app/Contents/app/desktop-1.9.11-all.jar`
+
+The output need to match the value from the `Bisq-1.9.11.jar.txt` file.
+
+There are three hashes within the Bisq-1.9.11.jar.txt file (macOS, Windows, Linux).
+If you want to reproduce and verify the hash of the jar file locally, you need to do so on Windows or Linux using Java
+15.0.9 and the v1.9.11 release tag. Because of the signing and notarization process that requires the developer
+certificate used for the build on macOS it is not possible to create the same jar on macOS.