Skip to content

Download & Verification

The only official source for TraceWall Desktop installers is https://download.trace-wall.com/.

Do not download from mirrors, file-sharing sites, or third-party repositories. The project does not publish to Chocolatey, Winget, Scoop, Homebrew, Snap, Flatpak, or any community package manager.

Current Release

PlatformArchitectureFormatVersionSizeSHA-256Status
Windows 10/11/Serverx64.exe (NSIS)Not yet published
Debian / Ubuntuamd64.debNot yet published

How to Download

  1. Open https://download.trace-wall.com/ in a browser.
  2. Locate the current stable release (not a pre-release, beta, or release candidate unless explicitly directed by support).
  3. Click the download link for your platform.
  4. Save the file to a known location (e.g., ~/Downloads or C:\Users\<user>\Downloads).

Verifying Integrity

Always verify the SHA-256 checksum before running any installer.

Windows

PowerShell (recommended):

Terminal window
Get-FileHash ".\TraceWall-Desktop-V3-x.x.x-Setup.exe" -Algorithm SHA256

Command Prompt:

Terminal window
certutil -hashfile "TraceWall-Desktop-V3-x.x.x-Setup.exe" SHA256

Linux / macOS

Terminal window
sha256sum TraceWall-Desktop-V3-x.x.x_amd64.deb
# or
shasum -a 256 TraceWall-Desktop-V3-x.x.x_amd64.deb

Compare

Compare the output character-by-character with the checksum published on:

Verifying the Download Source

Before verifying the checksum, confirm you are on the official domain:

  • URL: https://download.trace-wall.com/
  • TLS Certificate: Valid certificate for download.trace-wall.com (issued by a public CA)
  • No redirects through unrelated domains
  • Content-Type: application/octet-stream or application/x-msdownload for .exe, application/vnd.debian.binary-package for .deb

If the browser shows a certificate warning, or the URL differs (e.g., download.tracewall.com, trace-wall-download.com, cdn.example.com/tracewall), stop and report it.

Code Signing Status

The Windows installer (.exe) is not currently signed with a commercial code-signing certificate recognized by Microsoft SmartScreen.

What This Means

  • SmartScreen will likely warn on first run: “Windows protected your PC. Microsoft Defender SmartScreen prevented an unrecognized app from starting.”
  • This is expected behavior for new, unsigned installers.
  • It does not mean the file is malicious.

How to Respond to SmartScreen

  1. Click “More info” (not “Run anyway” immediately).
  2. Verify the publisher shows “Unknown publisher” or the expected organization name once a certificate is obtained.
  3. Verify the file name matches the official release.
  4. Verify the SHA-256 checksum (see above).
  5. Only after confirming the checksum matches, click “Run anyway”.

Linux Package Verification (.deb)

In addition to SHA-256, the Debian package can be inspected:

Terminal window
# Show package metadata
dpkg -I TraceWall-Desktop-V3-x.x.x_amd64.deb
# List contents without extracting
dpkg -c TraceWall-Desktop-V3-x.x.x_amd64.deb
# Verify embedded checksums (if provided in DEBIAN/md5sums or DEBIAN/sha256sums)
dpkg-sig --verify TraceWall-Desktop-V3-x.x.x_amd64.deb

The .deb is not currently signed with a PGP key. Verification relies on SHA-256 from the official download page.

Automated Verification (CI/CD)

For internal distribution, script the verification:

verify-tracewall.sh
#!/usr/bin/env bash
set -euo pipefail
INSTALLER="TraceWall-Desktop-V3-3.0.0-Setup.exe"
EXPECTED_SHA256="a1b2c3d4e5f6..." # From release notes
actual=$(sha256sum "$INSTALLER" | awk '{print $1}')
if [[ "$actual" != "$EXPECTED_SHA256" ]]; then
echo "CHECKSUM MISMATCH"
echo "Expected: $EXPECTED_SHA256"
echo "Actual: $actual"
exit 1
fi
echo "Checksum OK"

Reporting Issues

  • Checksum mismatch: soporte@trace-wall.com (include file name, size, actual checksum, download time, browser, network)
  • Suspicious domain / phishing: seguridad@trace-wall.com
  • SmartScreen false positive (after verification): Report via Windows Feedback Hub and notify TraceWall support