Zashi is a privacy-first pockets, and we take that significantly. Which means getting access to as little knowledge as doable, and being clear in regards to the knowledge now we have entry to, why it issues, and how one can management it. Right here’s what that you must know:
What Knowledge We Accumulate
Zashi doesn’t gather any knowledge. Like most software program apps, it makes use of crash stories, enabled and generated on the working system degree, to assist our group detect and repair bugs. However in contrast to most apps—even those who declare to prioritize privateness—Zashi doesn’t see or gather some other knowledge. Crash stories are the one knowledge we will see, which is uncommon amongst app builders.
Crash stories present restricted anonymized technical knowledge the only real function of which is to watch the wholesome operate of the app. They assist make the pockets extra steady and usable, nothing extra.
Necessary:
ECC and the Zashi builders don’t monitor, view, or gather your pockets exercise. When a crash report is generated, it presents restricted knowledge wanted to determine what triggered the crash. We don’t see or gather names, emails, telephone numbers, contact lists, user-generated content material, or transaction particulars.
What Crash Report Instruments We Use
Crash stories are saved and processed by Google (on Android) and Apple (on iOS), and like all apps on their platforms, we should observe strict guidelines about what knowledge is collected and the way it’s dealt with. Violating these guidelines would result in elimination from their shops.
What Crash Experiences Do Not Include
Crash stories are anonymized and solely embrace technical diagnostics like system kind, app model, time of the crash, stack hint (which a part of the code crashed), error logs, and working system model.
These stories do not include:
Your transaction IDs or historical past
Pockets addresses
ZEC balances
Private info like title, e mail, or telephone
Person IDs tied to Zashi
Something that would hyperlink a transaction to a particular consumer
Crash stories inform us how and when the app broke, not who it occurred to.
Can You Choose Out?
Sure, in a number of methods:
iOS customers:
Apple permits customers to decide out of diagnostic knowledge sharing throughout all apps. You are able to do this in your iPhone settings. iOS doesn’t permit customers to decide out for particular person apps.
Android customers:
Google doesn’t permit builders or customers to opt-out from the default Google Play Companies knowledge assortment for Android Vitals.
To decide out, Android customers can obtain Zashi by way of F-Droid. The F-Droid model of Zashi is essentially totally different from the Play Retailer model: it’s fully freed from proprietary analytics and crash reporting instruments.
Enhancements:
We already entry far much less knowledge than most apps, however we’ve taken extra steps to restrict knowledge assortment even additional:
For iOS, we’ve eliminated Firebase Crashlytics fully (Zashi iOS v1.5.2).
We’ve applied a risk to opt-out of Firebase Crashlytics for Android. Customers can decide out of sharing crash stories in Zashi’s Superior Settings. (Zashi Android v1.5.2)
For Android, we’ve set Firebase Crashlytics to be “Off” by default. Customers can select to decide in via Zashi’s Superior Settings or the pockets’s standing widget. (Zashi Android v2.0)
We’ve up to date the F-Droid model, eradicating the wrong safety warning, which falsely implied that the F-droid model collects crash stories. That was by no means the case.
F-Droid & GitHub: Full Transparency
Zashi is out there on F-Droid, an unbiased app retailer that prioritizes open-source, privacy-respecting software program. In contrast to conventional app shops, F-Droid doesn’t monitor or profile customers, and it permits for fully nameless downloads. The F-Droid model of Zashi is totally open-source and consists of no crash reporting instruments by any means.
The F-Droid Zashi construct is totally reproducible, and we encourage our neighborhood to construct it and confirm our work. This helps determine and mitigate potential threats to our infrastructure, processes, and the third-party providers we rely on.
You may as well construct the app your self from supply.
Zashi code is totally open supply and accessible on GitHub:
Learn extra about alternative routes to obtain Zashi pockets.
Philosophy: Privateness by Design
Many wallets declare to prioritize privateness, whereas quietly accumulating analytics and consumer habits. Zashi doesn’t simply declare it—we reside it.
We don’t see or gather consumer and app knowledge. We don’t profile customers. We don’t monitor their exercise. And we exit of our technique to decrease metadata leakage. Zashi is constructed by the identical group that created and maintains the Zcash protocol—probably the most superior privateness tech within the blockchain business. We apply the identical requirements to app growth that we do to protocol-level privateness.
We welcome scrutiny—particularly in privateness tech. However conversations about privateness and consumer security should be grounded in information, not worry or hypothesis. We encourage customers to use the identical excessive requirements to all of the apps and wallets they use, and to demand transparency and alter when these instruments fall quick.
Our dedication to Zashi customers is unwavering.
Shields up.
