|
|
|
@ -0,0 +1,16 @@
|
|
|
|
|
# Security Policy
|
|
|
|
|
|
|
|
|
|
## Reporting a Vulnerability
|
|
|
|
|
|
|
|
|
|
To report security issues send an email to security@satoshilabs.com (this is not a support email!).
|
|
|
|
|
|
|
|
|
|
The following keys may be used to communicate sensitive information to developers:
|
|
|
|
|
|
|
|
|
|
| Name | Fingerprint |
|
|
|
|
|
|------|-------------|
|
|
|
|
|
| Marek Palatinus | 86E6792FC27BFD478860C11091F3B339B9A02A3D |
|
|
|
|
|
| Pavol Rusnak | 71B5A80A63FE12B0D74DABBFE4A883364AAF6E16 |
|
|
|
|
|
|
|
|
|
|
You can import a key by running the following command with that individual’s fingerprint: `gpg --recv-keys <fingerprint>`.
|
|
|
|
|
|
|
|
|
|
More info about our Responsible Disclosure program is available from https://trezor.io/security/
|