Public codebase
Source and issue tracking stay visible in the public GitHub repository.
How Moaiy keeps your files safe
Start with a plain-language summary, then review technical details if you want to go deeper.
Quick summary (for most people)
- Your files are encrypted locally on your Mac.
- Moaiy is open source, so people can inspect the code publicly.
- Official downloads are published on GitHub Releases with verification guidance.
- If you find a security issue, email [email protected].
Technical details
Local-first workflow
Current guides focus on local encryption and decryption operations.
Verification guidance
Official docs include checksum and signature validation before install.
How to report
- Send reports to [email protected].
- Include reproduction steps, affected version, and impact estimate.
- Avoid public disclosure before coordinated remediation.
Response targets
- Acknowledgement target: within 3 business days.
- Triage target: within 7 business days when reproducible.
- Fix timeline depends on severity and release scheduling.
Current security status
| Area | Status | How to verify |
|---|---|---|
| Public source review | Available | Repository, commits, and issue history. |
| Third-party audit report | Not published yet | No public report as of April 9, 2026. |
| Security whitepaper | Draft available | Read draft |