Download Latest Version
partial_signatures_by_E222AA02.zip (8.3 kB)
Get an email when there's a new version of Bisq
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| partial_signatures_by_E222AA02.zip | < 19 hours ago | 8.3 kB | |
| Bisq-64bit-1.10.0.rpm | 2026-05-16 | 424.9 MB | |
| Bisq-aarch64-1.10.0.dmg | 2026-05-16 | 466.4 MB | |
| Bisq-x86_64-1.10.0.dmg | 2026-05-16 | 467.8 MB | |
| Bisq-64bit-1.10.0.deb | 2026-05-16 | 430.2 MB | |
| Bisq-64bit-1.10.0.exe | 2026-05-16 | 459.5 MB | |
| Bisq-1.10.0.jar.txt | 2026-05-16 | 8.9 kB | |
| Bisq-x86_64-1.10.0.dmg.asc | 2026-05-16 | 862 Bytes | |
| signingkey.asc | 2026-05-16 | 9 Bytes | |
| Bisq-aarch64-1.10.0.dmg.asc | 2026-05-16 | 862 Bytes | |
| Bisq-64bit-1.10.0.rpm.asc | 2026-05-16 | 862 Bytes | |
| Bisq-64bit-1.10.0.exe.asc | 2026-05-16 | 862 Bytes | |
| Bisq-1.10.0.jar.txt.asc | 2026-05-16 | 862 Bytes | |
| Bisq-64bit-1.10.0.deb.asc | 2026-05-16 | 862 Bytes | |
| 387C8307.asc | 2026-05-16 | 3.2 kB | |
| 4A133008.asc | 2026-05-16 | 3.2 kB | |
| E222AA02.asc | 2026-05-16 | 3.2 kB | |
| README.md | 2026-05-15 | 5.0 kB | |
| v1.10.0 source code.tar.gz | 2026-05-15 | 277.2 MB | |
| v1.10.0 source code.zip | 2026-05-15 | 278.3 MB | |
| Totals: 20 Items | 2.8 GB | 0 | |
Bisq 1.10.0 follows the recent security incident with a focused hardening release that improves trade protocol security, network message validation, release verification, and hardening against supply chain attacks.
A detailed post-mortem covering the incident, investigation, impact assessment, and the security improvements introduced with this release will be published in the coming days on the Bisq webpage.
Note: As this release adds support for both Intel and Apple Silicon macOS binaries, the in-app download for macOS binaries will not work for this release. Please download, install, and verify the macOS binaries manually.
Release notes
Security Improvements
- Hardened validation of trade protocol messages, deposit transactions, payout transactions, trade contract data, and peer-provided wallet data.
- Improved protection against supply chain attacks by adding PGP signature verification to dependency resolution.
- Updated Java, JavaFX, Tor, bitcoinj, and other dependencies to their latest stable versions.
- Improved the build process with additional verification of the build toolchain.
- Added Docker-based DAO and end-to-end trade tests to GitHub Actions. This work will continue over the coming weeks.
Security Improvements Affecting the Trading Experience
- The maximum trade amount is now limited to
0.125 BTC. - Offers and trades are now restricted to a maximum price deviation of
25%. - Disabled XMR auto-confirmation. No issues have been identified, but a more in-depth security audit is planned for this area.
- Removed the webcam library used for QR code scanning to reduce security risks. A more secure replacement will be introduced in the next release.
- Removed dispute chat attachments and dispute log file transfers for security reasons.
- Added a popup reminder advising users not to use the Bisq wallet as a long-term storage wallet when holding higher balances.
UX
- Improved performance by updating JavaFX and Java versions.
Network And Runtime
- The DAO full-node bitcoind RPC layer was migrated for Bitcoin Core 29.2 support, with updated bitcoind targets and reorg-test coverage.
- Bundled DAO and network resource snapshots were refreshed for the release.
Deployment
- macOS releases now support both Apple Silicon and Intel-based Macs.
- The reproducible build system is now partially in place, though not yet applied to this release. The next release will fully benefit from it.
Installation
macOS
Bisq does not use Apple's notarization process (see why).
For that reason you will see that (misleading) alert:
Grant permissions by:
- run
sudo xattr -rd com.apple.quarantine /Applications/Bisq.appin a terminal (type Terminal in the Apple search box) - open
Bisqagain
More details can be found here.
Windows
For similar reasons you will get that warning at Windows: Windows protected your PC
- Click the
More infobutton when prompted - Click the
Run anywaybutton when prompted
More details can be found here.
Verify download
See the verification and installation instructions in the Bisq Wiki.
Context to the binary signing process used for that release:
Alejandro García (key ID E222AA02) built all binaries except the new aarch64 macOS target, as he does not yet have a VM configured for it. Therefore, Henrik Jannsen (key ID 387C8307) provided the aarch64 macOS binary and signed the binaries he received from Alejandro.
Our in-app verification tool does not currently support mixed keys or signatures. It reads the key ID specified in signingkey.asc and applies it uniformly to all binaries. For this reason, Henrik re-signed all binaries using his own key so that the verification process remains consistent and compatible with the current implementation.
Please note that both Alejandro García and Henrik Jannsen are official release managers for Bisq 1 and Bisq 2. Their public keys have been included in the source code for a long time and are distributed with the application to enable independent key verification and cross-checking.
The partial_signatures_by_E222AA02.zip contains the original signatures provided by Alejandro. User can use those to verify using key E222AA02.
Relevant references:
github.com/bisq-network/bisq/tree/master/desktop/src/main/resources/keyshttps://bisq.network/pubkey/E222AA02.aschttps://bisq.network/pubkey/387C8307.asc
The release process will be further improved in the next version through the introduction of reproducible builds.
