Our goal is to protect your secrets and privacy and we appreciate the role of security researchers in helping us fix vulnerabilities and improve our software.
Disclosure
If you have found a vulnerability please follow co-ordinated/responsible disclosure and report it to us by email at [email protected] you can use our PGP public key to encrypt the message.
We will collaborate with you to fix any vulnerabilities as fast as possible; the time will depend upon the complexity of the fix.
Cryptography
Security researchers may want to view the cryptography page for a high-level overview of the cryptography and libraries we use.
Bug Bounty
We don't currently offer a bug bounty program, but we plan to offer bounties in the future when we have the resources to allocate.