Zashi is a privacy-first pockets, and we take that critically. Meaning getting access to as little information as attainable, and being clear in regards to the information we have now entry to, why it issues, and how one can management it. Right here’s what it’s essential know:
What Information We Gather
Zashi doesn’t accumulate any information. Like most software program apps, it makes use of crash experiences, enabled and generated on the working system stage, to assist our workforce detect and repair bugs. However in contrast to most apps—even those who declare to prioritize privateness—Zashi doesn’t see or accumulate another information. Crash experiences are the one information we are able to see, which is uncommon amongst app builders.
Crash experiences present restricted anonymized technical information the only real function of which is to watch the wholesome operate of the app. They assist make the pockets extra secure and usable, nothing extra.
Vital:
ECC and the Zashi builders don’t observe, view, or accumulate your pockets exercise. When a crash report is generated, it presents restricted information wanted to determine what triggered the crash. We don’t see or accumulate names, emails, cellphone numbers, contact lists, user-generated content material, or transaction particulars.
What Crash Report Instruments We Use
Crash experiences are saved and processed by Google (on Android) and Apple (on iOS), and like all apps on their platforms, we should comply with strict guidelines about what information is collected and the way it’s dealt with. Violating these guidelines would result in elimination from their shops.
What Crash Experiences Do Not Comprise
Crash experiences are anonymized and solely embrace technical diagnostics like gadget kind, app model, time of the crash, stack hint (which a part of the code crashed), error logs, and working system model.
These experiences do not comprise:
- Your transaction IDs or historical past
- Pockets addresses
- ZEC balances
- Private data like title, electronic mail, or cellphone
- Consumer IDs tied to Zashi
- Something that would hyperlink a transaction to a selected person
Crash experiences inform us how and when the app broke, not who it occurred to.
Can You Decide Out?
Sure, in a number of methods:
iOS customers:
Apple permits customers to decide out of diagnostic information sharing throughout all apps. You are able to do this in your iPhone settings. iOS doesn’t permit customers to decide out for particular person apps.
Android customers:
Google doesn’t permit builders or customers to opt-out from the default Google Play Providers information assortment for Android Vitals.
To decide out, Android customers can obtain Zashi through F-Droid. The F-Droid model of Zashi is basically completely different from the Play Retailer model: it’s utterly freed from proprietary analytics and crash reporting instruments.
Enhancements:
We already entry far much less information than most apps, however we’ve taken extra steps to restrict information assortment even additional:
- For iOS, we’ve eliminated Firebase Crashlytics utterly (Zashi iOS v1.5.2).
- We’ve carried out a risk to opt-out of Firebase Crashlytics for Android. Customers can decide out of sharing crash experiences in Zashi’s Superior Settings. (Zashi Android v1.5.2)
- For Android, we’ve set Firebase Crashlytics to be “Off” by default. Customers can select to decide in by means of Zashi’s Superior Settings or the pockets’s standing widget. (Zashi Android v2.0)
- We’ve up to date the F-Droid model, eradicating the inaccurate safety warning, which falsely implied that the F-droid model collects crash experiences. That was by no means the case.
F-Droid & GitHub: Full Transparency
Zashi is accessible on F-Droid, an unbiased app retailer that prioritizes open-source, privacy-respecting software program. In contrast to conventional app shops, F-Droid doesn’t observe or profile customers, and it permits for utterly nameless downloads. The F-Droid model of Zashi is absolutely open-source and consists of no crash reporting instruments in any way.
The F-Droid Zashi construct is totally reproducible, and we encourage our neighborhood to construct it and confirm our work. This helps establish and mitigate potential threats to our infrastructure, processes, and the third-party companies we rely on.
You can even construct the app your self from supply.
Zashi code is totally open supply and out there on GitHub:
Learn extra about other ways to obtain Zashi pockets.
Philosophy: Privateness by Design
Many wallets declare to prioritize privateness, whereas quietly gathering analytics and person conduct. Zashi doesn’t simply declare it—we dwell it.
We don’t see or accumulate person and app information. We don’t profile customers. We don’t observe their exercise. And we exit of our solution to reduce metadata leakage. Zashi is constructed by the identical workforce that created and maintains the Zcash protocol—probably the most superior privateness tech within the blockchain business. We apply the identical requirements to app improvement that we do to protocol-level privateness.
We welcome scrutiny—particularly in privateness tech. However conversations about privateness and person security should be grounded in info, not concern or hypothesis. We encourage customers to use the identical excessive requirements to all of the apps and wallets they use, and to demand transparency and alter when these instruments fall quick.
Our dedication to Zashi customers is unwavering.
Shields up.
