Skip to content
LogoLogo

Installation

We provide three different installation paths - installing a pre-built binary, building from source or using our provided Docker image.

Versions

The versions across networks may not be compatible, as such, please consult the table below on what version for what network you should be running.

NetworkVersion
Mainnetv1.1.0
Moderato (Testnet)v1.1.0
Andantino (Deprecated Testnet)v0.8.2

Pre-built Binary

curl -L https://tempo.xyz/install | bash
tempo --version

To update Tempo in the future, simply run tempoup.

Build from Source

# Install Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source $HOME/.cargo/env
 
# Build and install from source using cargo
cargo install --git https://github.com/tempoxyz/tempo.git tempo --root /usr/local
tempo --version

Docker

You can find the latest tagged version of Tempo at the Tempo GHCR package.

# Pull the latest Docker image
docker pull ghcr.io/tempoxyz/tempo:<version>
 
# Run the Docker container
docker run -d --name tempo ghcr.io/tempoxyz/tempo:<version> --version
docker logs tempo

Verifying Releases

All release artifacts are cryptographically signed starting after v1.1.1. We recommend verifying signatures before running any binary.

Binary Signatures (GPG)

Release binaries are signed with GPG. The tempoup installer verifies signatures automatically when gpg is available.

To verify manually:

# Import the Tempo release signing key
gpg --keyserver keyserver.ubuntu.com --recv-keys EE3C5D41EA963E896F310EC3CBBFA54B20D33446
 
# Verify a downloaded binary
gpg --verify tempo-v1.1.0-x86_64-unknown-linux-gnu.tar.gz.asc \
    tempo-v1.1.0-x86_64-unknown-linux-gnu.tar.gz

A successful verification will show Good signature from "Tempo Release Signing Key".

Fingerprint: EE3C 5D41 EA96 3E89 6F31 0EC3 CBBF A54B 20D3 3446

Public Key
-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEaYXmJhYJKwYBBAHaRw8BAQdAa+cO3zz4+YQuPgUCNXSW7ApNTCAIwx9wBfPc
lXyZBw20Xlp5Z2ltYW50YXMgTWFnZWxpbnNrYXMgKFRlbXBvIHJlbGVhc2Ugc2ln
bmluZyBrZXkgZm9yIDIwMjYgYW5kIG9ud2FyZHMpIDx6eWdpbWFudGFzQHRlbXBv
Lnh5ej6IkwQTFgoAOxYhBO48XUHqlj6JbzEOw8u/pUsg0zRGBQJpheYmAhsDBQsJ
CAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAAoJEMu/pUsg0zRGjJABAP8dy+gWx/E8
EqzkKEUkEfLiRZ6n8APsc0aI5gqwfVAuAP99147oAq9cWVkNMh5PQmvdSG8MIx7Z
G4OIGIHqFwKSCA==
=o2TA
-----END PGP PUBLIC KEY BLOCK-----

Docker Image Signatures (Cosign)

Docker images are signed with Cosign using keyless signing via GitHub Actions OIDC.

To verify a Docker image:

# Install cosign: https://docs.sigstore.dev/cosign/system_config/installation/
cosign verify ghcr.io/tempoxyz/tempo:latest \
  --certificate-identity-regexp="https://github.com/tempoxyz/tempo/" \
  --certificate-oidc-issuer="https://token.actions.githubusercontent.com"

This verifies that the image was built and signed by the official Tempo CI pipeline.

SHA256 Checksums

Every release archive includes a .sha256 checksum file:

# Download the checksum file
curl -sSfLO https://github.com/tempoxyz/tempo/releases/download/v1.1.0/tempo-v1.1.0-x86_64-unknown-linux-gnu.tar.gz.sha256
 
# Verify
shasum -a 256 -c tempo-v1.1.0-x86_64-unknown-linux-gnu.tar.gz.sha256