Our goal is to protect your secrets and privacy and we appreciate the role of security researchers in helping us fix vulnerabilities and improve our software.


If you have found a vulnerability please follow co-ordinated/responsible disclosure and report it to us by email at [email protected] you can use our PGP public key to encrypt the message.

We will collaborate with you to fix any vulnerabilities as fast as possible; the time will depend upon the complexity of the fix.


Security researchers may want to view the cryptography page for a high-level overview of the cryptography and libraries we use.

Bug Bounty

We don't currently offer a bug bounty program, but we plan to offer bounties in the future when we have the resources to allocate.