We're hackers, we love Hackers (the movie of course), and we're strong believers that security problem discovery and discloure is a good thing. We would love your help to improve the security and reliability of Coinpunk. Not just for us, but for you (because you can run your own), and everyone else in the Bitcoin ecosystem. If you've discovered a backdoor in the Gibson (be it the Coinpunk source code or coinpunk.com), tell us about it. We won't call the cops on you for doing legitimate security work, and fuck everybody that ever did.
If you find a major security problem:
- Send an email to
[email protected]
describing the issue. If you don't want to share your email with the NSA, you can use this PGP key to sign and encrypt messages. A diff to fix the problem is even better, but we'll take any and all reports regarding security. Or your best recipe for a hot dish, that's cool too. We've got a hot dish pan and we really want to use it for something. - Give us a solid amount of time to try and resolve (or more likely, understand) the problem before disclosing.
If you do this, we will try to provide:
- A bounty of no less than $100 USD in BTC for a disclosure that could have caused loss or theft of money, probably higher if the security issue is really bad.
- A free Coinpunk t-shirt sent to you, made DIY punk style in a basement in Portland, Oregon (I'm not joking)
- Credit on the project's documentation and/or website, if you wish. Upon request, we will make a special security page just for you and deck it out with animated gifs from r/cyberpunk and stuff.
- Even if it's just a false alarm, we might just send you a shirt anyway because they're really bad ass.
Keep in mind that we are a donation-driven project, so we do have budget constraints, but we will do our best to reward people for helping to improve the security of the Bitcoin ecosystem, and we'll make sure you receive the credit you deserve. Crash and Burn.