Introduction
At BitcoinVN, we take the security of our systems and our users' data very seriously. We understand that no technology is perfect and believe that working with skilled security researchers across the globe is crucial in identifying weaknesses in any technology. If you believe you've found a security vulnerability in one of our products or platforms, we encourage you to notify us. We welcome working with you to resolve the issue promptly.
Disclosure Policy
- Report vulnerabilities: Please share the details of any suspected vulnerabilities with the BitcoinVN Security Team by sending an email to alex@bitcoinvn.io. We ask you to encrypt your email with the PGP public key provided below.
- Include detailed information: To help us understand the nature and scope of the potential issue, please provide as much information as possible, including a description of the vulnerability, its potential impact, and steps for reproducing it or proof of concept.
- Stay confidential: We ask that you do not disclose the issue to others until we've had a chance to address it.
- Give us a reasonable time to respond: We aim to respond to reports within a reasonable timeframe and will keep you informed throughout the process.
What to Include in Your Report
- A clear and concise description of the potential vulnerability.
- Any steps, URLs, parameters, or other information necessary to reproduce the vulnerability.
- Screenshots, logs, or other relevant evidence (if applicable).
- Any research or tools used in the discovery of the vulnerability.
PGP Key
-----BEGIN PGP PUBLIC KEY BLOCK----- xsDNBGC3bV4BDACfFekTSy/B3FpFul7je36GBNbucxh1dT2YsNcyDFFruZ8TTtCw 9DF8BdHEZSxyVfYIOldX2AK+C4fq4N+yN+sXO6IEqYx3EXmoLiSSlNR/jXICbxjV MeaMV8Mbxo3XWVFpgmiRI5e6cB2wzlDBbUXTpl5tm0xc70FQZfz5XnnaK4zn6NkC 1xh6sPJJWGsS6oXn7sHBD2064CbD/niam+nP588p/BUnpk2uNga+45iO8JOovieU 8XvnkE6wwEWJ431FhMLQzVyfCxqVXQGeaN6a3TVM7dM9bT41vxaEp8HASfbv1M/8 jfyBo+ylj5CbCuWqsvQ7xsJS7LxITsaCbDNYPispHnsU0lgW95BSAP9ltn5MfV6R d7Sp3gC5r9GUTs0tL5ump/hB112gvsxzNTFou9woEtjqc3V+DT5TferXdDsfrLz1 5J9WEkFceY9vPTR0nmpV35SVLPzg4iOydhNZQVlLvY80DDWjZoCjjPXE7pTfEzCY VTWmku9U5PAIpVcAEQEAAc0fQWxleCBXaW50ZXIgPGFsZXhAYml0Y29pbnZuLmlv PsLBCQQTAQgAMxYhBEvNdSTg1fStQ5ocIzN4VPC1xVKiBQJgt21fAhsDBQsJCAcC BhUICQoLAgUWAgMBAAAKCRAzeFTwtcVSokVSC/0dbCEaC7R/2h7eHFckId0X3rL/ 6lDCKO3hSgzRXayNnc47JWTB+R6i2vb8nEfkjulgWHcoXhZfxBfSlMz5EADRfM1a dQDGqOtt4jIg4d5Pftbyz9n3H4TaA7/NM8gD2ZeQPWkme/lyo8W3gXMcsjD3rEJZ mMmPTGLbgaYHrUixdCeYlb0zDXfzPkpOpOZForp6CdKeBCM/2y7Xt0hwhAbIX0MC WFRMsC1pj5kMcTrcLNsbbvEvZee3RQ7QxYy/KOWpvzfkKFGl3sY7STx421kDNcWZ wszIrwR1Ee1ZV/FB8Lc+wZvfCKiZDEYYNurvJTgkEBExdaGV96Ldl7fxfqWOoQhs oQjOM8dSc6DDxvQlOSDOLa7uZve+8kHCsJ5H2c4HLuZjxnnQ1Wye07w9ur3nAJ2n scZXfIvHQXWrPj9xFTpPzgmJK07dzJ5eRjKcGuTeX86aFeYHCmiwEqvwoRDQ074U /dam+AMstwYxYOby1bWcKh9LO1QD9pHH1ZFMUJbOwM0EYLdtXwEMAM3djb81uS5Z wNqzT8E7RlsFJ15hpmTeGm/keNE8LqHMFG6UdV282zKsP+j5u+8UrKTrtknG+KGA iX7vMJsQgXfUWzT86OZDusDKg0ZbE1EU3t7235vMylnmuyjzjrk7Q9AVRjrGcPFr ivRYlnMyMPLSDLBcRe2mz+nhPF3R7bltLTjiErr9paa3iYGMjbeLxzAdF55vcSf+ 1GWMACGqvmf8o0DV7bMVEhKZZfSvo9h/o1D2Chwmu+v4jv+cq8vLnIFeTKpoJ8pf QSeKJXEZZGd+YIFW3A16ec3kNaP7dyNY+Y8kPCIIBuy/1t7Mg5RNM5ws7QvzqRjz YO4TuaBKnGhogFT4sG8m5ImXrVampBNWrowiBOE49f9zCo9xRAQYE65j9AYmegDO oEdoGS1LqZa3e2cMF9RTEYACJLvte7XCksNzj6aRvJzcAY5FdqqAlmDfUCGn4yC7 Ju9KcymlGCcz5VnbifJ8ac+xEIwUWdZ0MGD/COAQmh2EHzrgXanXQQARAQABwsD2 BBgBCAAgFiEES811JODV9K1DmhwjM3hU8LXFUqIFAmC3bV8CGwwACgkQM3hU8LXF UqLM9gv/VnFm5BNo7qoUscNmd1AzasiIHoqCfetP6IczATT+9UKsL58Tkd2ls5jG YMgq3ES6OXCOG9w/HDGUOiAsF/HEMUUBg+6uwcx7L8czP4zAqIh9HsyXrgvp4blD fBCClDrB2MuCqFiUBKWzXtKncinYwFrhesg5Y0dwBEviGus+r0Udhyn6LnsAFTjV PlbLjT3AmrsbzlkQRAMFsBm+AhOSK+2qrQfuoaKAhlzzVxhomDCvLUf72UU25wLD Oy9slUbm3qXydcswoyJ0bpp214RQTq5fmtpIDNQ3Ni5LUmAh1ZihZIXOFuIuwvvP pPWZT7ipwXGOvpYTgo+VPlq6PJNT1ESKM3jPRRyv1eJxF/8UoPdu9cq4Adt8tjPc YsO048SIMSUqpoqbJpGNG/Bq1BZwIcsQwmQeieR4y9K8vIRlukoblLlRu4xqAVq6 IbSeKNgHF2RWUXZ/4NFCvXfo/JrISh38CelVvuNZxPCOBpJL0rs014nUMwVJ2jBP 6LDvZcL6 =IJvq -----END PGP PUBLIC KEY BLOCK-----
Please use this PGP key to encrypt sensitive information sent via email.
Our Commitment
Upon receiving a vulnerability report, BitcoinVN commits to:
- Acknowledging receipt of your report in a timely manner.
- Providing an estimated timeline for addressing the vulnerability.
- Keeping you informed about the progress of addressing the vulnerability.
- Publicly acknowledging your contribution, if you wish, once the vulnerability has been resolved.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article