The Berty projects and their implementations are still under heavy development, which implies that they could contain security flaws and bugs.
We take security issues very seriously, especially in our context of developing secure messaging tools.
Whether you are a security expert or not, if you detect a vulnerability in our code. Please bring it to our attention right away!
Please DO NOT file a public issue; instead, send us your report privately to security@berty.tech.
Once the danger has been averted, we will publish your name and report with our thanks, unless of course, you prefer to remain anonymous.
If the issue is a weakness that cannot be immediately exploited or something that hasn't been released yet, feel free to publicly talk about it, if possible, in a GitHub issue.