A warrant canary is a method by which a service provider can inform its users that it has not been served with a secret government subpoena. If a canary is not updated or is removed, users are to assume that the service provider has been served with a secret subpoena and is no longer safe to use.
If this canary is not updated within 30 days, or if it disappears entirely, assume we have been compromised.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
fink
Date: 2026-07-02T21:21:47.274Z
We, the developers of Fink, confirm that we have not received any secret subpoenas, national security letters, or any other classified demands for user data, encryption keys, or backdoors. Our infrastructure remains uncompromised, and our zero-knowledge architecture remains intact.
-----BEGIN PGP SIGNATURE-----
wsG5BAEBCgBtBYJqRtZrCRDPWPVrFfryVUUUAAAAAAAcACBzYWx0QG5vdGF0
aW9ucy5vcGVucGdwanMub3JnrPCzBcsS8ROs1cDQZje2hcWInHMjkRBAc26N
g9ibApkWIQQAELXJbLuFk9VhN2jPWPVrFfryVQAAiGEQALHOnuSrCermj3vv
namZfLdkam5qR7KRrXt9WlsN0zjVp+UIUbv9/wbxlkeEdL1sq1q7xZs9R2xO
eShTLfshx8DCNzqd5LvBkzCjoxWJpYHRNPD2vWzc3EyjZ6NDn+ZMsvyhEsAq
9BSVQUeXYzrY4yEOxulrD7VZza3whuh7hw+i1yRJ/KqyNOAwZMCoiLqaVIK7
E+LA2Ux3wjv/JWOHicARQgG39MzsDGCrpE6LXrFN4VntPgspIV5bY8ndgvfr
00nJpnKmqF4hsEhggfn7IJVjMPgNiFZQ4pjjvypxCM6/NUYQ03vp6HZZyaF+
zqhq1omvctnGCOzWnpPIzB9ErWpINa6C9ctKwEKcLjv2o0dTNi0EGNX2vj+N
8RAgKP2c8b4ZFrg5MYXIT8e8FoR191IYZpI+2t8MNn8t3OwBnusQB1wVOTS1
BgkzH006w7dPPHpkyGeVHeQaBJWsm9AH4wlpjL2SNnRdtuvL+focroFMiWCo
K1GD8ZDmVipxk3er9gkfB/AFCXQVUlbk7kAt0wID537sVB7Yf6JgTKg3FnzG
XdPAgE0CCg4c5fVQTOtUeyTqxpwmDtEHv59VR1y2LEzXq0RANWR5P5cTtx0A
w8ncWyY6LdpLSBsL5om+gs4esRoPNlcVfIXMpYLoQlmPJNMXrt4lp/aB9i4W
kqtDbFL3
=+9JE
-----END PGP SIGNATURE-----
How this works
We plan to update this canary regularly. If this page ever disappears, fails to update, or if the PGP signature becomes invalid, you should immediately assume that fink has been compromised by a state-level actor and our zero-knowledge architecture has been legally breached.
Because of the mathematical nature of our application, even if we were compromised, past communications and data remaining on your device remain secure. However, a dead canary means the network or the application distribution channels can no longer be trusted.