Skip to content

Security: manifoldfinance/xga-api-specs

Security

.github/SECURITY.md

SPDXVersion DataLicense Creator PackageName PackageOriginator PackageHomePage PackageLicenseDeclared
SPDX-2.0
CC0-1.0
Manifold Finance Applied Operations Team
Security Policy
Manifold Finance Corporation
CC-2.5-SA

Security Policy

This document outlines the Responsible Disclosure Program for Manifold Finance's open source software.

Responsible Disclosure Policy

At Manifold Finance we take security seriously and consider it a top priority. Since a public disclosure of a security vulnerability could put the entire Manifold Finance community at risk, we require that potential vulnerabilities are kept confidential until they are confirmed and fixed. We appreciate your efforts in keeping Manifold Finance and its users safe by responsibly disclosing any security vulnerability.

Responsible Disclosure Policy page.

Rest assured we will make every effort to acknowledge your contributions.

Reporting a vulnerability

Warning
Any security related issue should be reported to Manifold Finance via the Encrypted Contact Page - or sam@manifoldfinance.com & security@manifoldfinance.com

Encrypted Communication Methods

Public Key Info for sam@manifoldfinance.com Public Fingerprint:

EA82 E243 8E63 F4BD C4AB F453 F773 F8D6 A1A6 D802. 

This Fingerprint is unique to our public key. Use this so that you can verify that you have the right key to encrypt for.

Encrypted Contact Page

For encrypted communication, you can download our PGP key: Public PGP Key

Note
FlowCrypt also provides an Attestation service, you can access that here: https://flowcrypt.com/attester/

Mediated Communications

If for some reason you are unable to directly communicate with the Manifold Finance security team, you can join the ETH Security Telegram Channel and ask for assistance in reaching out to us.

Responsible Disclosure Policy

Responsible Disclosure Policy page.

Last updated: 2023-06-30T06:24:20-0700

There aren’t any published security advisories