SECURITY
Security status, stated plainly.
For a privacy network, fuller risk disclosure means higher credibility. This page states what is implemented, what is not, and which risks remain — without softening any of it.
Research prototype · no testnet · no mainnet · unaudited · not production-private · not safe for funds
Security status
- Research prototype
- No public testnet
- No mainnet
- Not audited
- Not production privacy
Audit status
- No third-party security audit has been engaged or completed.
- No audit report exists or has been published.
- Future audits will be publicly disclosed, including findings — an independent audit is sequenced on the roadmap before any mainnet.
Threat model
The full threat model — protection goals, selective-disclosure risks, prototype boundaries and operational assumptions — is a first-class document, not a footnote.
Read the threat model →Known limitations
- No production trusted setup — the prototype uses a development-key Groth16 path only.
- No production proving system — circuit soundness is unverified.
- No wallet security audit — the W0 wallet is a research prototype.
- No network-layer anonymity — IP and transport metadata are out of protocol scope.
- Metadata leakage remains possible — timing, fees and mempool activity are observable.
- Timing correlation remains possible.
- The disclosure model itself is research-stage and may change.
Responsible disclosure
There is currently no public attack surface: no testnet, no mainnet, and no public node endpoints exist. A dedicated security contact and a private reporting channel (GitHub Security Advisories) will open together with the public release of the repositories — before any public testnet. Security claims on this site are updated only when implementation or review status actually changes.