This is a full guide for reporting and handling security vulnerabilities in this project.

If you find any security vulnerability in this project, you can send a full report to [email protected]. We will review your report in around 1 week or more and respond to you. We may consider paying you a bounty reward using only Bitcoin (On-chain, Lightning, Cashu), depending on the vulnerability's security level. However, if you publish any public write-up or report before we respond, you will not receive a bounty reward. After our response to the vulnerability report, you or we can publish a public write-up or report about the vulnerability.