Our security team practices responsible disclosure. We will acknowledge valid and original (i.e., the first reported instance) discoveries on our website with your name, if you would like us to. While we do not have a formalized bug-bounty program at this time, we may implement one in the future. In the event that we develop a reward system, we may, at our discretion, pay you a reward in bitcoin (or another supported cryptocurrency), subject to applicable laws.

Our commitment to security researchers is simple: we will not take action against anyone who reports an issue privately and in a responsible manner. We will do our best to reply to you in a timely fashion and periodically update you on our progress with respect to investigating or remediating any issues you may have identified.