Installing the SDK¶
1. Install the dependencies¶
The SDK currently runs on Windows, MacOS or Linux.
You need to install:
JDK 8 or greater.
You can get the JDK from Zulu 8 JDK or Oracle 8 JDK (requires you to accept Oracle’s license). As part of the installation process you might need to set up the
JAVA_HOME
variable. You can find here the instructions on how to do it on Windows, Mac OS, and Linux.
2. Install the SDK¶
In order to install the DAML SDK you will first need to
- download and install it and
- add
~/.daml/bin
to yourPATH
variable settings. You need to do this in order to be able to call daml assistant’s commands with ease. This will allow you easier workflow when developing your DAML application.
Mac and Linux¶
To install the SDK on Mac or Linux:
Run:
curl -sSL https://get.daml.com/ | sh
Add
~/.daml/bin
to your PATH. You can find the Mac OS and Linux instructions here.
Windows¶
- We support running the SDK on Windows 10. To install the SDK on Windows, download and run the installer from https://github.com/digital-asset/daml/releases/latest.
- Your
PATH
variable is already set up correctly by the installer.
Next steps¶
- Follow the getting started guide.
- Use
daml --help
to see all the commands that the DAML assistant (daml
) provides. - If you run into any problems, use the support page to get in touch with us.
Alternative: manual download¶
The cURL command above will automatically download and run the DAML installation script from GitHub (using TLS). If you require a higher level of security, you can instead install the SDK by manually downloading the compressed tarball, verifying its signature, extracting it and manually running the install script.
Note that the Windows installer is already signed (within the binary itself), and that signature is checked by Windows before starting it. Nevertheless, you can still follow the steps below to check its external signature file.
To do that:
Go to https://github.com/digital-asset/daml/releases. Confirm your browser sees a valid certificate for the github.com domain.
Download the artifact (Assets section, after the release notes) for your platform as well as the corresponding signature file. For example, if you are on macOS and want to install release 0.13.27, you would download the files
daml-sdk-0.13.27-macos.tar.gz
anddaml-sdk-0.13.27-macos.tar.gz.asc
. Note that for Windows you can choose between the tarball, which follows the same instructions as the Linux and macOS ones (but assumes you have a number of typical Unix tools installed), or the installer, which ends with.exe
. Regardless, the steps to verify the signature are the same.To verify the signature, you need to have
gpg
installed (see https://gnupg.org for more information on that) and the Digital Asset Security Public Key imported into your keychain. Once you havegpg
installed, you can import the key by running:gpg --keyserver hkp://pgp.mit.edu --search F26D8A0AADF666CCB28F2AB1650EC3253B6A8FF5
This should come back with a key belonging to
Digital Asset Holdings, LLC <security@digitalasset.com>
, created on 2023-01-10 and expiring on 2025-01-09. If any of those details are different, something is wrong. In that case please contact Digital Asset immediately.Once the key is imported, you can ask
gpg
to verify that the file you have downloaded has indeed been signed by that key. Continuing with our example of v0.13.27 on macOS, you should have both files in the current directory and run:gpg --verify daml-sdk-0.13.27-macos.tar.gz.asc
and that should give you a result that looks like:
gpg: assuming signed data in 'daml-sdk-0.13.27-macos.tar.gz' gpg: Signature made Wed Sep 25 11:57:28 2019 BST gpg: using RSA key CADC3D1E3B5C4C5F94A65D78A7BF65AAADBBC494 gpg: Good signature from "Digital Asset Holdings, LLC <security@digitalasset.com>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: F26D 8A0A ADF6 66CC B28F 2AB1 650E C325 3B6A 8FF5 Subkey fingerprint: CADC 3D1E 3B5C 4C5F 94A6 5D78 A7BF 65AA ADBB C494
Note: This warning means you have not told gnupg that you trust this key actually belongs to Digital Asset. The
[unknown]
tag next to the key has the same meaning:gpg
relies on a web of trust, and you have not told it how far you trust this key. Nevertheless, at this point you have verified that this is indeed the key that has been used to sign the archive.The next step is to extract the tarball and run the install script (unless you chose the Windows installer, in which case the next step is to double-click it):
tar xzf daml-sdl-0.13.27-macos.tar.gz cd sdk-0.13.27 ./install.sh
Just like for the more automated install procedure, you may want to add
~/.daml/bin
to your$PATH
.