hush
/
hush
8
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
Original HUSH source code based on ZEC 1.0.8 . For historical purposes only! https://hush.is
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11262 Commits
32 Branches
8 Tags
52 MiB
 
 
 
 
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
hush/doc/security.md

1.6 KiB
Raw Permalink Blame History

Security Overview

This document is a very high overview related to the security of Hush, with links to other resources.

SECURITY AUDIT

Hush itself has not had a 3rd party code audit, but our upstream fork, Zcash, has. More details on that here:

https://z.cash/blog/audit-results.html

KNOWN SECURITY ISSUES

Each release contains a ./doc/security-warnings.md document describing security issues known to affect that release. You can find the most recent version of this document here

Note that this link points to the "in development" version of the file, so it may have more recent findings than the version released with your software. (It might also have issues that are only relevant for the upcoming release which don't affect the current release or older software.)

What if myhush.org get hacked?

In the event the Hush website is down or hacked, please also check these twitter handles: @dukeleto and @MyHushTeam. The Hush protocol has an alert system and currently a small set of people control the keys to issue alerts. These will be sent to all nodes, if necessary in an emergency situation.

Additionally, you can contact Duke Leto via GPG keys from Keybase, corresponding to

F16219F4C23F91112E9C734A8DFCBF8E5A4D8019
https://keybase.io/dukeleto/pgp_keys.asc

What if all the Hush core devs turn evil?

If we are sufficiently hacked, or if we collectively turn evil, the above resources will not be sufficient to protect you. Luckily, the Hush network is growing into a larger and more resilient decentralized community everyday.