We at Celo are committed to ensuring the security of the platfomr by protecting their information. This policy is intended to give security researchers clear guidelines for conducting vulnerability discovery activities and to convey our preferences in how to submit discovered vulnerabilities to us.
We encourage you to contact us to report potential vulnerabilities in our systems.
Under this policy, “research” means activities in which you:
Notify us as soon as possible after you discover a real or potential security issue.
Make every effort to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction or manipulation of data.
Only use exploits to the extent necessary to confirm a vulnerability’s presence. Do not use an exploit to compromise or exfiltrate data, establish persistent command line access, or use the exploit to pivot to other systems.
Provide us a reasonable amount of time to resolve the issue before you disclose it publicly.
Do not submit a high volume of low-quality reports.
Please send an email to disclosures@celo.org you can use our PGP key 7283 BC81 D343 8FB7 3FBC DD4C AFEA 4E05 3F5C E709
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: Mailvelope v4.3.2 Comment: https://www.mailvelope.com
xsFNBF+AjgABEAC+b6VFJ88EohrqyNnkaukBoZU6bW09gX1beEtoTzBDXXcR E6GVvtCLPOt364Q+jQ+vxnB5iin4wYSny74zIu+LRfm/bo050sWyO9VlvDqN /I+F+Ch86ltF2YKJU06fiEPsj30wJLCCsRTWiN0Qnumsza00ocsTLYT1KMyb bsQzRDNck+VTp3ughv+7fX9/GkKwXJKx7h4xLSJrGp9YgEKjLKjs96KeFn+U LjsjqtjrjI5Oli5gpWW1NDIDJqwkA2dj1O8uD/lplIYFni54S963Vtjql0j9 bX9yoIZHixY4hDAm595eNv2jyEaYhjFLrD8qyfPoje2DOFQCX6o4t2OWQzCw kpy+IY46HX+mdzGWPb2kk/+uxsHG3wOc3Uesh94iC+ybHLW+HRMqocrVMe13 alIXxMfIX871mCG6O/l+IBsF0hyw4baqiVzniuFB0tzFYNgdiJ/SiUAOpW6T cgUG6dKq+zB72Nu9Hj8hVrlaMVnRYHPa8bjDb0kfiIIXRFTahwQloJ2eqJsg 1ODXVi3MpusL34D/3c0nTOxMFYv21TFePz+1kDJcYABactyV9BzYGlL+hqIK putUNUSuh2TZRXw7Iw/fkdHtYRn0+jInhBC9yakya4rbKCAzxSo2cQJnfQEM lxAnHo/o/RxfqTn0ft4COO0oXd9g71jCedex/QARAQABzStkaXNjbG9zdXJl cyBjZWxvLm9yZyA8ZGlzY2xvc3VyZXNAY2Vsby5vcmc+wsF1BBABCAAfBQJf gI4ABgsJBwgDAgQVCAoCAxYCAQIZAQIbAwIeAQAKCRCv6k4FP1znCTywEACs /13WT8sEadJdeVzhjephXenbxiMSDZDu29HqIbCjZ4q6Jr3UP47hgPmTC5qC 89cewmjd8GMVFYrMES1k7BFHxEaSeITvbXj5eC707PJThV8zn9qv8/oBknfo 4IQcbbFmJ/5qJIGeOPFqpGZK1u923PCeGobWNMGh2G53ahrgz5uvm+TQqGj3 onu2UNJ+i6lSGCJCouStj+sUaAClDOt5xKkWu/5QBYz2rmVjptMbFKV6Kswu PEsrA32LISP6+1EpjCF3pJ+xnIFJ7OZszGdIfmreujajoq2tqYEcVgx5fQ4p nR+ej2J7hfiuLXE4N1DY37Pfd1jBuWpbtIX/nbms9TlQCRGzXQjQh4dj+9KU h0XfjAe/YGPBova6uBrc4x+m1LXEkIsBiZhPHpylED2JTPTGXYN2qQzJkMXl j2eQAKKvq/QqJEG4Roq5OgsSoap8CTffWO2FyLM+92Guz1t/D2hug4MB8Z// Xgc2JFAaWQ6ugK4W6Sa8vVrWqKymhMK0rRe/1PL8FMmxdXfNuCow3qb2Rlmd HxRcyl4KB5f9yryeGG+r/ibTtkdm6i2gYNkhyGXnP+U7gHcWnVY6xnh+uD0t piS4urm/YRDFP0mTxj6Pc8cgjwUWPwAHcLkzDQM0B8b/JFDeHugNt4SK5kDJ DBYMY5bDCc/Cylx/ArjBR87BTQRfgI4AARAAv1O3k9qoCPnQB3CglXSxIhTX GJJ77y76pM6CMdhYJgni0hwKR/9aPqEP7mejT4qwviHSPw93Phj8+TmDKNk3 uq5ASSB6cWGQZ/apoMi4AKTaUbnY2RHi1Nw67M/igP+fKvg0iHTBqX7x30+x 02OTYegXywRuZ2eN/b4ZZKIvfqK6YLp9E3ezNwdGcyG9JqcTmqkRsaiZa6kM AU71JOpnwBOUfcJ2nFOThU0+MwJo1MxUhsojcrzkSGb8/aSvMBveCaDeAmQq yEHsONjsEO8UOZ/RxexQbB7FfoeNYkGe1g/CTiL8jHJeAd737SdtSYpcgKTh nWV+tOM9hmy67MkNJm1HPvI4dh99nwQBPag2kfNHtgZOPf9W/3x473JE+Fmt qYXvxbDfmPaIXlGsbuEHvIFu+7fTJt2Gi9gkzlI23E+F5Zoy+mmcDJxxBBZ6 IIfLKMRoZiL2uzE401OZRnkVthDrltkAJmVhYmJ22GrwKDuTqnaukEDx+KUM XUmDaEItr2E3FWQ0sPbndxRwNoy0r5xR3/TFFhFmhl6ZDUdDzPyal0xiJU9J SqWy9fF0k+hhOh1YYLF0iro5FnYfkm2q3snjqbck3wyad6d1CmNr46hZ0CIo uFe1CpLOIHwEFdYxAtvnpojITXZgTBAOvpg+zGJDTF5PztcIWuQ+H+Yg2D8A EQEAAcLBXwQYAQgACQUCX4COAAIbDAAKCRCv6k4FP1znCUC5D/0VvOkfflE2 f1VdEjwwE1PzWoLnp/LK9hy9MR14qbfnmw2opesBUjhHteoW8+kjh8MV6PBs +yYahhr3bFlPR5FK3R+9EdfEvZSjwDOrqwsqujTTnBvGUYRjPA93KGmdnrpa O8WzRSY63B8Oxt3a+KdOglutvTW1FV3waqpnN8zL6i2M9pfCox+dJK7XJKQY OAitSN6g1C4dVRnXExomcvJ+w5DY5YCuu4w9kJGxRDouqq2uU2i+A3XAfl0t nIoFoogwAUguCC2YQXq10nKNMYmJUrB/Diwnxqkfa3fmdMGWb/X0vxc8A3wV J/wzICnzn7J2s/TkVtOQsnNYJ5NVVS+8GQEVpPjs1NAuvcI9tRcYLiMNPzjX kKOtNq6uaIvQ/L3z5bCy3e5gxfnMeGU55ZjR22WCTsKPIY9G/bFi/DbEPR3V LydsLrd6cPFq9j2Wirww0jOdpdrJADpR9hKq2b9eMps36+Z88LnvKxF8U+hF mCClYViH/1E+NoD/UuswmIwkupWmNYylSTn5cnBx7gNOnXK5tnFPwrptYJ7n VQIdAwvoDkU29KUwbIgRCdrA+BU6yYMGxM/nPBNDsgOP4QNNmhhB+u8jNcgT R1M9CATkqyw3d4ww314Xc3GLJRftYeUaJkCMDlYkd16OvOuj9xoEUx6ahimx W2grzwCRcXkUDA== =S96l -----END PGP PUBLIC KEY BLOCK-----