Security Information

Electric Coin Company will announce any breaking security issues on this website’s Security Announcements page. We suggest all users of Zcash wallets and services read the Privacy & Security Recommendations page.

Security Issues and Audits

Each release contains a ./doc/security-warnings.md document describing security issues known to affect that release. You can find the most recent version of this document here. Zcash has been subjected to formal third-party security reviews. Audit reviews can be found in the Zcash Foundation and Electric Coin Company blogs.

Security Alerts

The Zcash protocol has a system to issue security alerts. These will be sent to all nodes. In the event the Electric Coin Company website is down or hacked, please also check these twitter handles: @ElectricCoinCo, @zooko, and @least_nathan.

Report Security Vulnerabilities

Contact [email protected] (security.asc) to submit security vulnerabilities or for sensitive discussions with our security team. The security disclosures process can be found here. Key fingerprint = AF85 0445 546C 18B7 86F9 2C62 88FB 8B86 D8B5 A68C

Public Keys

Below are keys we use to sign the software in our package repository.

• Zcash Master Signing Key: zcash.asc
  Key fingerprint = 3FE6 3B67 F85E A808 DE9B 880E 6DEF 3BAF 2727 66C0
• Zcash Security Key: security.asc
  Key fingerprint = AF85 0445 546C 18B7 86F9 2C62 88FB 8B86 D8B5 A68C
• Developer Public Keys

  Nathan Wilcox: nathan.asc

  Key fingerprint = 01A2 20DF 0EA9 A42C 4EAE  6B1D ED41 7FBE 79C9 9E8C

  Daira Hopwood: daira.asc

  Key fingerprint = 3D6A 08E9 1262 3E9A 00B2  1BDC 067F 4920 98CF 2762

  Sean Bowe: sean.asc

  Key fingerprint = 0395 DE0A 5027 BE0C 1F5A FB03 9568 4257 D8F8 B031

  Jack Grigg: jack.asc

  Key fingerprint = 2253 E2A1 EEB4 0E2A 3D22  EB1D 0EC5 1FCD A94F B53E