

Zcash Ironwood testnet is live 🎉 Devs were already signing 11+ txs with one QR on ForgeBox before the launch — a Zcash testnet record. The community didn't wait. Neither should you. Build with ForgeBox: keyst.one/shop/products/…
Keystone Hardware Wallet
29.2K posts

@KeystoneWallet
The most user-friendly, open-source, air-gapped hardware wallet 🛡️| Secure BTC, ETH & 1000+ coins.


Zcash Ironwood testnet is live 🎉 Devs were already signing 11+ txs with one QR on ForgeBox before the launch — a Zcash testnet record. The community didn't wait. Neither should you. Build with ForgeBox: keyst.one/shop/products/…

Security Alert: Fake SecondFi Extensions and Apps We've seen scammers create fake SecondFi browser extensions and apps. Please read this before you install anything or click any link claiming to be from us. There is no new application or link, it is the same. Do not accept links from anyone, including people claiming to be SecondFi team members, support, or partners. We will not DM or email you links to download software, sign a transaction, or take any action with your assets. If you receive a message like that, it's a scam. Do not click it. The only official SecondFi extension is "searchable" in the Chrome Web Store. If you see any other extension using the SecondFi name or branding, it's fake. Check for the verified blue checkmark. Our official extension listing carries a blue verified check, shown in the screenshots below. If the listing you're looking at doesn't have it, do not install it. Scammers can and do clone extensions and apps to steal funds. When in doubt, go directly to secondfi.io and verify links yourself rather than trusting anything sent to you. Please check carefully that you are using the correct application




🚨 Someone lost $999,999 in USDT after signing a phishing token approval on Ethereum. 🎣 victim: 0x8c949361b49320c48a51f4b1c6f9f83862530f89 tx: etherscan.io/tx/0x6e882fd80… 🧵

1/ To our Gen 3 community 🏆 We're genuinely sorry for the battery issues you've encountered. We know how frustrating this can be and truly apologise for the stress it has caused you. Let's walk through what went wrong and how we've been working to fix it 🧵



Hardware wallets are, for the most part, one of the biggest psyops of this entire industry, and widely recognized as bad opsec by security researchers. The mailing and order lists for hardware wallets are some of the most repeatedly hacked and leaked datasets, appearing on blackhat forms year after year. Mailing addresses, names, emails, all of which are perfectly filtered for known value targets. A $300 laptop with no internet hardware is significantly less likely to get you wrench attacked, or get your root keys rugged by an HW wallet backdoor. Also, for the vast majority of users, a hardware wallet won’t save you if your web-wallet is compromised. You would have to review the entire transaction on the 1 by 1 inch hw wallet screen, where most people look at the wallet summary. You’d have to double check every script hash, every destination address of every transaction you sign. In-practice, the number of people who do this approaches zero.


The Zcash Ironwood upgrade (NU6.3) IS LOCKED IN. The code is on testnet and the mainnet activation height has been confirmed! In ~3 weeks the Orchard supply audit will begin and the Ironwood supply formally verified forever.

MiCA is live. Exchanges are already cutting off EU users. If a regulation can freeze your access, you never really owned your crypto. Hardware wallet = no middleman, no panic. Your keys. Your coins. Your control 🔐 Who's making the move to self-custody?

Nebula Security is now backed by Y Combinator. We’re celebrating by bringing you the world’s first Android 17 root demo — “IonStack”, a url click can let attacker fully control your phone. This is not only an Android root demo. We’re bringing you a full chain browser-to-kernel exploit with two 0-day vulnerabilities affecting Firefox before v151.0.2 and all Linux distros in 15 years. "IonStack" demonstrates how bad actors can control your phone by sending a malicious URL, but good news, Nebula Security found it before attackers do. Both 0-day were found by our code scanning agent, VEGA, overshadowing any vulnerabilities found by Mythos or any scanner you name it. VEGA has demonstrated its extraordinary capability in finding critical bugs in the world’s most complicated software: operating systems and browsers. It can spot the same vulnerabilities in your codebase too. VEGA support full scan and incremental scan that can integrated into your CI/CD flow. We launched VEGA within YC companies and received overwhelmingly positive feedback. Now it is open to all enterprise customers in private beta. Book a demo with us: nebusec.ai/book-a-demo











The greatest game meets secure self-custody ⚽️ Level up your crypto security, back your favorite team & win BIG. Order any Keystone product & vote before June 28. If you nail it, you get a 20% cashback straight to your crypto wallet. More details 👇

Noir Wallet has officially integrated support for @KeystoneWallet hardware wallets. This integration brings air-gapped, hardware-grade key management to Noir users — a critical standard for secure self-custody at any scale. Need a Keystone Wallet?🗝️ We've got you covered. Use code "NOIR" at checkout to receive 10% off. Get your Noir Wallet → zknoir(dot)com Get your Keystone Wallet → keyst(dot)one


Ctrl Wallet is shutting down. Starting 3 August 2026, sending, receiving, swapping and dApp connections within the app will no longer be available. The one thing you'll still be able to do is export your recovery phrase. Here's what you need to know. 🧵 1/3