What this is: This is a public statement that we have not received any secret legal orders that would compromise user privacy. If this canary stops being refreshed monthly, or if any of the assertions below quietly disappears, treat that as a warning that something may have changed. We refresh on the 26th of each month. A canary more than 60 days stale should be treated as broken.
Current statement — 2026-04-26
As of 2026-04-26, CSB Group asserts the following on behalf of itself and the operator of the Ghost Protocol relay service:
- We have not received any National Security Letter, court order under FISA Section 702, gag order, or any other secret or classified legal process directed at the Ghost Protocol service or its users.
- We have not received any government order, warrant, or compelled-disclosure request that asked us to (a) hand over plaintext message content, (b) install monitoring or surveillance code in the relay or app, (c) decrypt user-held data, or (d) provide IP addresses, location data, or device identifiers tied to any user.
- We have not been asked to introduce a backdoor, weaken the cryptographic protocol, or disable any of the privacy guarantees described in our Privacy Policy.
- We have not transferred operational control of the relay or the release-signing keys to any third party. The signing keys remain in custody as described in our FROST_CEREMONY.md documentation.
- We have not been compelled to relocate the service to a jurisdiction with weaker legal protections.
- The relay code currently running in production matches the public release tagged
v0.1.55.0.2 in the GitHub repository, and the binary's hash matches the public Sigstore attestation log.
- No member of the operator's team has been arrested, detained, or compelled to assist any law enforcement, intelligence, or other government agency in connection with Ghost Protocol.
Anti-forgery anchors
To make this canary harder to forge after the fact, we anchor it to unforgeable timestamps. These will be filled in with the actual Bitcoin block height and hash on the first signed publication.
Bitcoin block (at issuance)
Block height: [to be filled on signing]
Block hash: [to be filled on signing]
How to verify this canary
The signed version of this canary is committed to the public Git repository. To verify:
# Download the signed canary
curl -O https://raw.githubusercontent.com/bayramcsb/ghost-protocol/main/docs/website-publish/warrant-canary.md
# Verify the PGP signature
gpg --verify warrant-canary.signed.md
The operator's PGP public key is published at /.well-known/pgp-key.txt once available.
Canary history
| Period | Status | Notes |
|---|
| 2026-04-26 | ✓ Active | Initial canary issued |
What happens if the canary dies
If the canary stops being refreshed past the 60-day grace period, assume a gag order has been issued. In that case:
- Treat all relay communications as potentially monitored.
- Continue using Strict Tor mode to route around the relay.
- The app continues to work peer-to-peer over Tor/I2P for contacts you have already exchanged keys with.
- The source code remains public; anyone can fork and operate an independent relay.