Why this page exists

Every FRB binary published on the official installer page is paired with a SHA-256 checksum so you can prove the file you fetched matches what we released. This matters for regulated desks, exchange integrations, and anyone who needs to document software provenance.

Use this page to confirm the version you run in production, reference historical builds for audits, and guide peers through your internal change-control steps. If you maintain internal mirrors, ensure the hashes below are copied verbatim.

Why checksums matter

• They prove the installer has not been modified in transit or by a compromised mirror.
• They let incident responders validate exactly which build was deployed during an investigation.
• They serve as objective evidence during audits or when coordinating with counterparties.

Pair checksum verification with the controls outlined in the security overview to maintain a defensible supply-chain posture.

How to verify a build

The high-level process is the same across operating systems: grab the file, compute a local hash, compare it to the value below, and confirm the signature. Capture the evidence in your runbook or ticket for traceability.

1. Download the installer directly from ai-frb.com and note the version identifier.
2. Run CertUtil -hashfile file.exe SHA256 on Windows (or shasum -a 256 on macOS/Linux).
3. Compare the resulting hash to the value listed for that file below.
4. Inspect the Authenticode or codesign signature and ensure it references FRB Labs Ltd.
5. Record the timestamp, hash, and approver in your internal change log.

Attach the hash and version to your change ticket so auditors know exactly what ran.

How to verify on Windows (example)

1. Open PowerShell in the folder containing the downloaded installer.
2. Run Get-FileHash .\frb-installer.exe -Algorithm SHA256 and copy the Hash column.
3. Locate the same filename in the release list below and confirm every character matches.
4. Right-click the file, open Properties → Digital Signatures, and review the signer information.
5. If anything differs, discard the file and re-download from the official source.

If you need automation-friendly verification, integrate PowerShell or sha256sum into your CI/CD gate.

How FRB handles release signing

Builds are produced in a hardened pipeline with reproducible configuration, artifact attestation, and multi-party approval. Installers are signed before distribution and the SHA-256 digests are written to immutable storage so we can prove their integrity later.

If you operate air-gapped networks or require hashes for retired versions, reach out via contact the support team and include the target version plus intended use. We will provide the historical checksum and signature chain for your records.