Warrant canary.
A statement signed every month with a dedicated key: no warrants, no national security letters, no gag orders, no seizures. The signal is absence — if this canary expires or its signature breaks, assume the worst. Don't trust this page's verdict; verify it yourself.
Signed 2026-07-11 · valid through 2026-08-25 · 44 days remaining. Signature verifies against the pinned canary key on this server — which you should not take at face value. Verification instructions below.
The current canary.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 PGPony Warrant Canary ===================== As of the signing date below, NorseHorse — the sole operator of pgpony.app, its onion and I2P mirrors, and the PGPony family of applications — declares all of the following to be true: 1. I have not received any National Security Letters. 2. I have not received any gag orders, secrecy orders, or orders under any law that would prevent me from making this statement truthfully. 3. I have not received any warrants, subpoenas, or court orders seeking user data, and I have not disclosed user data to any party. 4. No servers or infrastructure operated for PGPony have been seized, accessed, or tampered with by any third party, to my knowledge. 5. I have not been compelled to modify any PGPony application, this website, or any published key or binary to weaken, backdoor, or surveil, and I have not done so. Signed: 2026-07-11 Expires: 2026-08-25 Canaries are published monthly with a 45-day validity window. If this canary is expired and no fresh one exists at https://pgpony.app/canary, assume one or more statements above can no longer truthfully be made. Proof of freshness (this statement postdates this block): Bitcoin block 957636 00000000000000000000852b48a4f81631152b79989ba585c52eeddb3b63eff7 -----BEGIN PGP SIGNATURE----- iKQEARYKAEwWIQTA9JW2+7bTTYAMgTp2FF1ufb0urwUCalLxsBsUgAAAAAAEAA5t YW51MiwyLjUrMS4xMiwwLDMSHGNhbmFyeUBwZ3BvbnkuYXBwAAoJEHYUXW59vS6v QIIBALEbwVLmULeBfFKWfyUfx617GawHpmZK8h++G28B8HUnAP4kCkrvgR8Of3Va mB0sLHBM0a81wsQDsw1Mw5OzROcDBA== =BBpo -----END PGP SIGNATURE-----
Verify it yourself.
The canary key is dedicated to this purpose and its public half is pinned here. Save a copy the first time you visit; on every later visit, verify against your saved copy, not ours.
In the browser: open the Playground's verify tool, paste the canary public key and the canary text above. Everything runs locally; the page makes no network requests.
With GnuPG:
curl -sO https://pgpony.app/canary/canary-key.asc curl -sO https://pgpony.app/canary/current.txt gpg --import canary-key.asc gpg --verify current.txt
What to check: the signature is good, the fingerprint matches your saved copy, the Signed: date is recent, the Expires: date is in the future, and the Bitcoin block hash in the freshness proof matches the real chain (any block explorer) — proving the statement couldn't have been signed in advance.
Archive.
Every previous canary, kept forever. Gaps or missing months are themselves information.
Canaries are published monthly with a 45-day validity window, leaving ~15 days of grace for life to happen. This page is mirrored on the onion service; a mismatch between clearnet and onion is also information.