Skip to content
You are reading Web3Signer development version documentation and some displayed features may not be available in the stable release. You can switch to stable version using the version box at screen bottom.

Responsible disclosure policy

At ConsenSys, security is a priority. But regardless of how much effort we put into system security, there may still be vulnerabilities present. If you discover a vulnerability, we want to know about it so we can take steps to address it as quickly as possible. You can help us better protect our clients and our systems.

Please do the following:

  • E-mail your findings to Provide sufficient information to reproduce the problem, so we can resolve it as quickly as possible.
  • Do not take advantage of the vulnerability you have discovered.
  • Practice responsible disclosure. That is, don’t reveal the problem to others until either:
    • We have released a fix for the disclosure, or
    • 90 days have passed, or
    • We waive responsible disclosure.

We will acknowledge receipt of your vulnerability report the next business day and send you regular updates about our progress.

Questions or feedback? You can discuss issues and obtain free support on Web3Signer Discord channel.
For paid professional support by Consensys, contact us at [email protected].