Navigator

Download the Navigator

A standalone binary. No installer. No telemetry. The only client software for FGSP. Verify the signature before running — every release is signed by the operator's release key.

Not available yet

The Navigator binary is in development. The download buttons below are placeholders. Join the waitlist to be notified the moment the first release ships. The release key fingerprint will be published here and on the .onion mirror at the same time.

Pick your platform

The same binary semantics on every platform. Cross-platform determinism is a build-time guarantee — your Drive A bundle works the same everywhere.

Linux

fgsp

x86_64 — glibc 2.31+ — static binary

Recommended for Tails sessions and air-gapped workstations.

macOS

fgsp

Universal — Apple Silicon + Intel

Notarized by the operator. Gatekeeper passes on first launch.

Windows

fgsp.exe

x86_64 — Windows 10+

Authenticode-signed. SmartScreen passes after launch count threshold.

.onion mirror

A Tor-only mirror is published at the same time as the public release, for users who do not want their download visible to a network observer. Both mirrors serve byte-identical binaries — verify the signature against the same release key either way.

# mirror address (will be published at first release):
# http://<onion-published-here>/download/

Verify the signature

Every Navigator release is signed by the operator's release key. Verifying confirms the binary is the one we shipped and has not been tampered with on a CDN, a mirror, or in flight. Skipping signature verification weakens the threat model considerably — do not skip it for high-stakes work.

# 1. download the binary + the signature file
curl -O https://fgsp.io/download/fgsp
curl -O https://fgsp.io/download/fgsp.sig

# 2. import the operator's release key (fingerprint published here at first release)
gpg --recv-keys <FGSP_RELEASE_KEY_FINGERPRINT>

# 3. verify
gpg --verify fgsp.sig fgsp

# expect: "Good signature from FGSP Operator <release@fgsp.io>"
# reject anything else.

Reproducible builds

The Navigator's release pipeline is reproducible — anyone can rebuild from source and confirm byte-equality with the shipped binary. The build instructions and the source-archive hash will be published alongside each release. This is a defense against a compromised release pipeline; signature verification alone protects against tampering downstream of the operator.

After download

Three things happen next, in order:

→ Read the Navigator app guide — what running the binary looks like and what it does on first launch.
→ Get a provisioning token — the click-pay flow that allocates your bulb.
→ Read the best practices guide — key storage discipline before you upload anything important.

Be first in when the binary ships.

Join the Waitlist Navigator Guide