# Security Policy

## Reporting a Vulnerability

To report security issues send an email to security@satoshilabs.com (this is not a support email!).

The following keys may be used to communicate sensitive information to developers:

| Name            | Fingerprint                                |
|-----------------|--------------------------------------------|
| Pavol Rusnak    | `86E6792FC27BFD478860C11091F3B339B9A02A3D` |
| Marek Palatinus | `71B5A80A63FE12B0D74DABBFE4A883364AAF6E16` |

You can import a key by running the following command with that individual’s fingerprint: `gpg --recv-keys <fingerprint>`.

More info about our Responsible Disclosure program is available from https://trezor.io/security/