Raspibolt: replacing Bitcoin Core with Knots (v29.1)
If you have a DIY node built with instructions from RaspiBolt and wish to patch it with fixes that do not relay SPAM transactions, here's a quick guide to replace Bitcoin Core with Bitcoin Knots.
Instructions originally written for v25.1, then updated to v26.1, and currently v29.1.
If you have a DIY node built with instructions from RaspiBolt and wish to patch it with fixes that do not relay SPAM transactions, here's a quick guide to replace Bitcoin Core with Bitcoin Knots.
This guide is assuming you already built your node with Bitcoin Core. Using the Bitcoin client chapter in the original instructions, we're going to replicate analogous steps to download, verify and install Knots.
Preparations
- Login as “admin” and change to a temporary directory which is cleared on reboot.
$ cd /tmp
- Get the latest download links at bitcoinknots.org/#download (ARM Linux 64 bit), they change with each update.
- Note: If you have an x86_64 or another architecture, pick the right one. Notice aarch64 below
$ VERSION="29.1.knots20250903"
# download Bitcoin Knots binary
$ wget https://bitcoinknots.org/files/29.x/$VERSION/bitcoin-$VERSION-aarch64-linux-gnu.tar.gz
# download the list of cryptographic checksum
$ wget https://bitcoinknots.org/files/29.x/$VERSION/SHA256SUMS
# download the signatures attesting to validity of the checksums
$ wget https://bitcoinknots.org/files/29.x/$VERSION/SHA256SUMS.asc
Checksum check
- Check that the reference checksum in file
SHA256SUMSmatches the checksum calculated by you (ignore the “lines are improperly formatted” warning)
$ sha256sum --ignore-missing --check SHA256SUMS
> bitcoin-25.1.knots20231115-aarch64-linux-gnu.tar.gz: OK
Signature check
Bitcoin releases are signed by several individuals, each using their own key. To verify the validity of these signatures, you must first import the corresponding public keys into your GPG key database.
- The next command download and imports automatically all signatures from the Bitcoin Core release attestations (Guix) repository
$ curl -s "https://api.github.com/repositories/355107265/contents/builder-keys" | grep download_url | grep -oE "https://[a-zA-Z0-9./-]+" | while read url; do curl -s "$url" | gpg --import; done
Expected output:
> gpg: key 17565732E08E5E41: 29 signatures not checked due to missing keys
> gpg: /home/admin/.gnupg/trustdb.gpg: trustdb created
> gpg: key 17565732E08E5E41: public key "Andrew Chow <andrew@achow101.com>" imported
> gpg: Total number processed: 1
> gpg: imported: 1
> gpg: no ultimately trusted keys found
[...]
- Verify that the checksums file is cryptographically signed by the release signing keys. The following command prints signature checks for each of the public keys that signed the checksums.
$ gpg --verify SHA256SUMS.asc
- Check that at least a few signatures show the following text.
> gpg: Good signature from ...
> Primary key fingerprint: ...
Installation
- If you’re satisfied with the checksum and signature checks, extract the Bitcoin Knots binaries, install them and check the version.
$ tar -xvf bitcoin-$VERSION-aarch64-linux-gnu.tar.gz
$ sudo install -m 0755 -o root -g root -t /usr/local/bin bitcoin-$VERSION/bin/*
$ bitcoind --version
> Bitcoin Knots version v29.1.knots20250903
> [...]
Restart Bitcoin Knots
sudo systemctl restart bitcoind.service
Verification of bitcoind operations
After rebooting, “bitcoind” should start and begin to sync and validate the Bitcoin blockchain.
- Wait a bit, reconnect via SSH and login with the user “admin”.
- Check the status of the bitcoin daemon that was started by “systemd”. Exit with
Ctrl-C
● bitcoind.service - Bitcoin daemon
Loaded: loaded (/etc/systemd/system/bitcoind.service; enabled; preset: enabled)
Active: active (running) since Sun 2025-09-07 17:55:24 CEST; 4min 8s ago
Process: 3979166 ExecStart=/usr/local/bin/bitcoind -daemon -pid=/run/bitcoind/bitcoind.pid -conf=/home/bitcoin/.bitcoin/bitcoin.conf -datadir=/home/bitcoin/.bitcoin -startupnotify=systemd-notify --ready (code=exited, status=0/SUCCESS)
Main PID: 3979167 (bitcoind)
Tasks: 32 (limit: 18198)
Memory: 641.8M (peak: 805.1M)
CPU: 13.182s
CGroup: /system.slice/bitcoind.service
├─3979167 /usr/local/bin/bitcoind -daemon -pid=/run/bitcoind/bitcoind.pid -conf=/home/bitcoin/.bitcoin/bitcoin.conf -datadir=/home/bitcoin/.bitcoin "-startupnotify=systemd-notify --ready"
└─3979225 tor -f -
Summary
As you can see it is easy to drop-in replace Bitcoin Knots in RaspiBolt to start using a version which has bug fixes related to SPAM vulnerability: CVE-2023-50428.