Here at tZERO we take security seriously!

We appreciate the community's efforts to make the web a safer place. With our Vulnerabilty Disclosure Program you can safely and responsibly disclose vulnerabilities to us. Vulnerabilities can be sent to [email protected] and can be encrypted using our PGP Key. Please, include all information related to the vulnerability along with the steps to reproduce it.

Responsible Disclosure Guidelines

We pledge to not seek legal action on any vulnerabilities responsibly disclosed. Our guidelines for responsible disclosure are as follows:

  • Provide the details needed to reproduce the vulnerability.
  • Make a good faith effort to not breach privacy, destroy data, degrade, or interrupt services.
  • Give us a reasonable amount of time to address any findings.
  • Do not modify or access data that does not belong to you.

We would ask that you please keep all the vulnerabilities you discover private and not share or publicize them until we have a chance to address them.