Ironically the prebuilt binaries of hashpipe itself are provided without means of verification :I
So if you are going to use hashpipe, I think you should download it in source form, read it -- it's under 100 SLOC -- and then build it from source yourself. This way, you do that once and then in the future provided that you trust those sending you various scripts and binaries and the channel they used to provide the hash, all is well and no further manual verification is needed on your side of things ever again for any of those.
So if you are going to use hashpipe, I think you should download it in source form, read it -- it's under 100 SLOC -- and then build it from source yourself. This way, you do that once and then in the future provided that you trust those sending you various scripts and binaries and the channel they used to provide the hash, all is well and no further manual verification is needed on your side of things ever again for any of those.