Grin's security policy is available at https://github.com/mimblewimble/grin/blob/master/SECURITY.md
This git repository is a central place for all other security-related information about the Grin project. It includes the following:
- Grin PGP keys (
keys/) - Grin canaries (
canaries/) - Grin CVEs (
CVEs/) - Grin audits (
audits/)
The files contained in this repository can be verified in two ways:
- By verifying the git commit tags (
git tag -v) - By verifying the detached PGP signatures provided for most files included here