No technology is perfect or perfectly secure. Centrifuge believes that working with skilled security researchers across the globe is crucial in identifying weaknesses in any technology. We welcome the contribution of external security researchers and look forward to awarding them for their invaluable contribution to the security of all our users.
If you believe you've found a security issue in our product or service, we encourage you to notify us. The disclosure of security vulnerabilities helps us ensure the security and privacy of our users and we will reward valid, in-scope submissions with a bounty.
Please refer to the Centrifuge Security Vulnerability Disclosure page for further information on how to disclose any vulnerability you might find.
You can reach us at security@centrifuge.io or via our slack channel.