This security policy applies to the "core" crates in the rust-bitcoin ecosystem, which are
groestlcoin
, secp256k1
, groestlcoin_hashes
and groestlcoin-internals
. These crates deal with
cryptography and cryptographic algorithms, and as such, are likely locations for security
vulnerabilities to crop up.
As a general rule, an issue is a security vulnerability if it could lead to:
- Loss of funds
- Loss of privacy
- Censorship (including e.g. by attaching an incorrectly low fee to a transaction)
- Any "ordinary" security problem, such as remote code execution or invalid memory access
In general, use your best judgement in determining whether an issue is a security issue. If not, go ahead and post it to the public issue tracker.
If you believe you are aware of a security issue, please contact Jackielove4u at
security@groestlcoin.org
. You may GPG-encrypt this email to his public key, which
can be downloaded from his website here or which is
listed in full below.
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBFxOL0ABCACnC4Im0MjbJpfoxWxkIWC9zugsjckwHC2UbXu5gFjtPbE6bXwK IvhQeoHNPxuwm1dOWwWtJvoAoR+lOJqRMhvPM1DBcZe4Ht6XzzWnwx9WRP3lP99a J2xOhdwNKv+HCVJ4tbwTTtkWuNWCMiUEjigoULTjKr1mecwoSEnQIRR0ciwxIpG/ mO1SQdS96sujr3+70LTThIjgdOD1CA5GrwZSMctIPXEGXKXEQ4NL9/Zc8I5G9//y 8B+TiHTCpoIWfFbYw1GAUkLhswWV+rLNIYQzjxe3w9FD40+s1dU/1DzO2y2gib2n G57RnwQ5V6i4axi7buWNzhWqGBXR6xxVIfN1ABEBAAG0J2phY2tpZWxvdmU0dSA8 amFja2llbG92ZTR1QGhvdG1haWwuY29tPokBVAQTAQgAPhYhBCh65MoRh8aMCLSc stEb1PM/HbSZBQJcTi9AAhsDBQkDwxhwBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheA AAoJENEb1PM/HbSZFIgIAKaLGqXuahun8Nuds0c33ezqdT6vu4llAJSxX+dAg0Z0 DKgski4jep1n94qvQXcoFhTcvXNxIv8YATzNx9JyM7SRVPQspr+g0hkzq75XfgsV VqW8vPqAB1pdQoaSoK6wFljTA5DKifp7T8sJeNtReCjjSptszhdFaNllHAotz9qj EoSHSnq8zlYKcVDnSqDEZozrbTohhWhc4V9VoNcYR8evNSdE8RCS+loVaPUIwANp YK39Wxs0uE0j30iC/BY4b1ORP/fP7W3y8bgHscdQ5tEJa53iOFK3AYMhjc4ULZIz i1z3rw1CcItWbuF5AbUTpnWRFG2uza6yRwZhcQyUBT+JAU4EEwEIADgCGwMFCwkI BwIGFQoJCAsCBBYCAwECHgECF4AWIQQoeuTKEYfGjAi0nLLRG9TzPx20mQUCYKQg 1wAKCRDRG9TzPx20mebGB/4ysYXWP0gwvujHpEVY3gWokipOd8E/QFCqZKNC2RKE G1IHdCzm40B8RNsaTqa3DVRWB90EMAfdycZjjsTEXKdT3GLe7RHxp+EEWGPmnjf3 IftT7FJ3McskdBh2NCkboguMyTBoSKQCN/sDPpGEPjE8SCVK7INYv5amv4ewo8xN AkAcpPSwGqrt/7O6G5ENVbrofF55rg4BGO8bk8Y5/mdgZO9bBk8Zedqce8i4I/pG s2MrqO8G/EZ75ph0mGUOsiS+okYoxOQgRZwx2650F5CMXt4gYvigibxF58IHIa4h vQDW8JsM4i0LhAZ97yalLFd5f/L3vSHYeJYrJG5c/8seiQFOBBMBCAA4AhsDBQsJ CAcCBhUKCQgLAgQWAgMBAh4BAheAFiEEKHrkyhGHxowItJyy0RvU8z8dtJkFAmCj 5Z4ACgkQ0RvU8z8dtJliWAf9HejvPLM4iEUBmq73SANpWbviJlQjFZoaOYXbzUiw 5NshybN6IBVJ3eXx2d2mEx2OuLsOVwiYNPFSGZ/DBgNCKg8DejrVKC+QL4DdAa/L jhayjl9ogiCsvzSupBJ0ol/rsz63ZSy/6xaIbYFDwrgkUnfcbIgPunIgtPZy57CE o5wzAJX5vJM1i97e43khGV633Q9oqIemg+wH4RhnzvodEivA4fOIWGZCAJEo+7kw XvLnbs3OqfQ4S2YcmH7CGkyQMTRi0ho00s7Av7yhZ0tORjt7x2q3D5nFm8l0jzgQ C0/8OHpWFAAbiB/E9z0MkWT5Zwp7m6HfdkPA+q9cKPnII4kBTgQTAQgAOAIbAwUL CQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBCh65MoRh8aMCLScstEb1PM/HbSZBQJf P8seAAoJENEb1PM/HbSZxpEIAJphGz8X+cA6MVu7ltETxtxFAx7Mk/phEthWUXyA 8XAHsDaG4zLZJgXnJ5pd2oyV4NQxOssqpnvqrxWYqW9kRoGRviznQwh3yO74HtHi 13FrtRJ/Y4or5M2Q9Rx5/YKwDTgUkI6jKcE5Ol6FzIaa2ux/mBoTFZPSOb6aBlj/ AI/CgizVYaDnXPjfm0AaBx9yd8QaEZ00fT0btduc1TnX/5J/RNshgpks9J4A1BLB Yx6h4UBXSXGsxwuDFuVVd7fy78eGk7RrNwhsZurbulMoeMxb+mnsbv1ipu0EcBEe BnuXHfRx2iApDEXsNTYUoNEuB2VQep0hWvAOkmkrROG9sXO5AQ0EXE4vQAEIALv/ X1oH8r4uHfzkoQDrVvsjiGeTOVLbwNAqJGHzxWi2brVjlOdffmJGMRWS89trrveX WAITzjgFpkiZubOj/lS2+k5jE/IAakyX+eMUFULZt+6DF5oJBKTkdKaLi11dzJCP maIvfkNz3g68J9RlDJBFVLJzlaFGq6xZ1itbYDPrNjx98f7VhR2XbG/bise9heUp m9YJnJ8u5fjhbo10NNg6nwj7Huhwa+tuTHmQ/yPQ+dh8EeW78uwxrTRZ1DFTRTnF nBS6Q3jBI4cte8B0UWtcCZyXOXatShr/V5LTwH/Cxck2uu2X5tczhAWA1I3uZS5v UkJH2kl1wWs54Xb/zMkAEQEAAYkBNgQYAQgAIAIbDBYhBCh65MoRh8aMCLScstEb 1PM/HbSZBQJiu/3lAAoJENEb1PM/HbSZjuYH/2lEMNVpF5cGB9leDw1AkSs6xdqn 8ZcYl9JsvJ4qD077HsoaZq/0wpgLg+zqzxPJdZ7gwaPpp8iun/V231FiHofPHJEr +HOt6RusptZzQnPL4kJ2KrL58ZtqMNFgWVintg+hDe3FqLF2nPcpwAR3TPWSILmd T3MyRUfyNB8k91NSKDkUGpkBlbsagQtfdWdbMTmiNT1rL+7abrFwdqy6zFyXkvpP dtKvpcsibmaWmIItjoyZAcgbfT7s1vctety7eE5BnTQZ2USo3lGgcWhtsjOHPBba 0FxoDQ0xtOwNNim85WKQfpKpiRNT4vjS+ogTA/s2ly0+h7BxuU3I4n7rOUU= =iMFi -----END PGP PUBLIC KEY BLOCK-----