Warrant Canary

What we have not received.

Issued · 2026-04-28 · refreshed quarterly

A warrant canary is a public statement that an organisation has not received certain kinds of legal demands — written so that disappearing the statement carries information the organisation can't legally communicate directly.

This is the canary for ZakRS Tech and its product Susanoo. Susanoo is built to never have the data a warrant or subpoena would seek; this page exists to give you a second signal beyond the architecture.

Issued
2026-04-28 Next refresh
2026-07-28 Issuer
ZakRS Tech

As of the date above, ZakRS Tech has not, in connection with Susanoo:

Received any National Security Letter, FISA order, or equivalent compulsory request.
Received any subpoena, court order, or other legal process demanding user data.
Been compelled to weaken cryptography, sign a malicious update, or hand over signing keys.
Been gagged or otherwise forbidden from communicating about a request to our users.
Disclosed any user data to any third party — there is no user data to disclose, and we will not start collecting any to enable disclosure.

How to read this canary

This page is signed-and-dated as a normal article. Its meaning is:

It is here, with the date refreshed on schedule ⇒ none of the five conditions above have changed.
It silently disappears, or its date is not refreshed past the next scheduled date ⇒ infer that something has changed. We may be legally barred from saying what.

The canary refreshes on the first day of each quarter. If a refresh is overdue by more than 30 days without explanation, treat the canary as broken.

Architectural canary

The strongest version of a canary is one that's structurally impossible to violate. Susanoo aims for that:

The classifier and observation log run entirely on-device. There are no Susanoo servers that ever see user observation data.
The local store is encrypted with a key bound to your device's hardware-backed keystore. We have no copy of that key, ever.
Rule-bundle updates are publicly signed with a known Ed25519 key. A malicious bundle can't be quietly pushed to one user — every user verifies the same signature against the same pinned key. Tampering is visible.
The classifier ships under MIT licence at v1.0; auditors can verify what the App actually does end-to-end.

The point of these is that a hypothetical compelled change would have to flow through the public, signed update path — which means it would be visible to every installed copy of the App, not silently delivered to one user.

What to do if this canary breaks

If you see the canary missing, expired by more than 30 days, or materially altered (e.g. the bullet list above shrunk), and you can't reach us for an explanation:

Treat any subsequent rule-bundle updates with extra scrutiny.
Pin the last canary-confirmed bundle version and audit subsequent diffs.
Reach out to independent security researchers — we'd rather you do than not.

Contact

qat@zakrstech.com