From c40dd40861921e0d551ba4e04647c01e380d5a4f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aliberk=20Sand=C4=B1k=C3=A7=C4=B1?= <git@asandikci.com>
Date: Wed, 22 Jan 2025 02:30:52 +0300
Subject: [PATCH] update readme

- this is actually for signing commits (tag) with gpg
---
 README.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/README.md b/README.md
index c0626efda..5a2e40b7e 100644
--- a/README.md
+++ b/README.md
@@ -47,6 +47,9 @@ This is the SHA fingerprint of LastPipeBender's signing key to verify downloaded
 1B:00:8D:64:BB:95:AB:47:74:D6:8B:87:F2:2B:8B:E9:A2:72:F4:92:4D:F5:20:29:D7:E6:18:38:35:D9:18:CC
 ```
 
+You should also check checksums in releases. Also you can compare checksums with GitHub Actions notices to ensure the apk file built with CI
+
+
 ### Project Management
 
 ```mermaid