btaq.io
DE
security

Encrypted mail, verifiable keys.

If you need to send us something sensitive — code, credentials, a draft contract — encrypt it with our PGP key first. We run end-to-end encrypted email via Proton Mail, so encrypted mail stays encrypted from your client to our inbox.

Public key

paul@btaq.io
8A17 995E 3693 2D8D BB60 8641 DC5C 1A8F E624 750D
RSA-2048 · created 2018-12-05
Download .asc keys.openpgp.org

Verify the key

  1. 01 Fetch the key — directly from this site, from keys.openpgp.org, or via the command below.
  2. 02 Compare the fingerprint your client displays to the value on this page. All 40 hex characters must match.
  3. 03 If they match exactly, you have the real key — no MITM between us. 
# install gpg (macOS)
brew install gnupg

# fetch + check
curl -sS https://btaq.io/keys/paul.asc | gpg --show-keys --keyid-format LONG -

# or via the public keyserver
gpg --keyserver hkps://keys.openpgp.org --recv-keys 8A17995E36932D8DBB608641DC5C1A8FE624750D
gpg --fingerprint 8A17995E36932D8DBB608641DC5C1A8FE624750D

Reporting vulnerabilities

Send a report to paul@btaq.io, PGP-encrypted with the key above. We acknowledge within 24 hours.

We don't run a paid bounty program (yet). Responsible disclosure is appreciated and, with your permission, credited on this page.

What we run

  • +Proton Mail for end-to-end encrypted email
  • +EU-hosted static site (Hetzner, Falkenstein) — no trackers, no analytics
  • +Self-hosted GitLab for source code and CI/CD
  • +Local LLM inference for anything that can't leave the building