Download & verify Trezor Suite

This article explains how to download and verify the Trezor Suite desktop application on the most common operating systems.

   

Download the Trezor Suite desktop application

The Trezor Suite desktop application is a software interface built to provide a multi-functional platform for Trezor devices. It is available for Linux, MacOS and Windows.
 

You should only trust downloads from our official website or GitHub page:

Official website: https://trezor.io/trezor-suite
GitHub: https://github.com/trezor/trezor-suite/releases

 

• First, go to the Trezor Suite web page: https://trezor.io/trezor-suite
• Select your operating system from the drop-down menu:

 

• Once you have made your selection, click on Get desktop app and wait for the download to complete
• Once the file is downloaded, you may proceed with the verification process detailed below

   

Verify the download

If you want to verify the download prior to installing the Trezor Suite desktop application, please follow the steps described below.

 

• First, make sure that you have downloaded both our signing key and the signature of the binary from the Trezor Suite download page. 
• The links for downloading these are underneath the Get desktop app button.

 

• You will need to have these files in the same directory as the Trezor Suite installer file.
• Please note that the version shown in the above screenshot is for illustrative purposes; the Trezor website will always offer the latest version for download.

 

Linux

In the terminal, change to the directory containing the files, and proceed with the following steps:

Import the signing key
 
Verify the signature
  (Replace the version shown in the above example with the latest release)

GPG should then return a positive match on our signing key: Good signature from "SatoshiLabs 2021 Signing Key".

The primary key fingerprint should be: EB48 3B26 B078 A4AA 1B6F 425E E21B 6950 A2EC B65C

Unless you tell GPG to trust the key, you will see the warning:

 
This just means that it's not certified by another 3rd party authority. If the downloaded installer file was a fake, the signature verification process would fail and you would be warned that the fingerprints do not match.

Useful tip: How to run the desktop application on Linux

1. Mark the binary as executable:
  (Replace the version shown in the above example with the latest release)

2. Run the binary
  (Replace the version shown in the above example with the latest release)

Note: on Debian, CentOS, and similar distributions, you may need a --no-sandbox flag.
 

 

MacOS

To verify Trezor Suite on MacOS, you'll need to install a GPG utility such as GPG Suite. 

Once you've installed your preferred application, download the Trezor Suite installer, signing key, and signature to the same directory.

In the terminal, change to the directory containing the files, and proceed with the following steps:

Import the signing key
 
Verify the signature
  (Replace the version shown in the above example with the latest release)

GPG should then return a positive match on our signing key, i.e., Good signature from "SatoshiLabs 2021 Signing Key".
 

Windows

To verify Trezor Suite on Windows, you'll need to install a GPG utility such gpg4win. This contains the application Kleopatra, which is a certificate manager and graphical user interface for GnuPG on Windows.

After installing the application, download the Trezor Suite installer, signing key, and signature to the same directory.
 

• Open Kleopatra
• Import the signing key via File > Import > Browse or using the 'Import' shortcut button on the homescreen
  • File to import: satoshilabs-2021-signing-key.asc
• At this stage you can also choose to mark the certificate as valid (if you leave it uncertified, you can still verify the binaries)
• After importing the signing key, go to File > Decrypt / Verify, and select the installer file
  • Installer file: Trezor-Suite-22.4.3-win-x64.exe (replace the version with the latest release)
• Kleopatra will perform the verification process and display the results
• If you did not mark the certificate as valid, you will see the "data could not be verified message", which can be ignored.
• Before closing the window, click on 'Show Audit Log', and you should see the message Good signature from "SatoshiLabs 2021 Signing Key", i.e., the software can be safely installed.