This document outlines the Responsible Disclosure Program for Manifold Finance's open source software.

At Manifold Finance we take security seriously and consider it a top priority. Since a public disclosure of a security vulnerability could put the entire Manifold Finance community at risk, we require that potential vulnerabilities are kept confidential until they are confirmed and fixed. We appreciate your efforts in keeping Manifold Finance and its users safe by responsibly disclosing any security vulnerability.

_{Responsible Disclosure Policy page.}

Rest assured we will make every effort to acknowledge your contributions.

Warning
Any security related issue should be reported to Manifold Finance via the Encrypted Contact Page - or sam@manifoldfinance.com & security@manifoldfinance.com

Public Key Info for sam@manifoldfinance.com Public Fingerprint:

EA82 E243 8E63 F4BD C4AB F453 F773 F8D6 A1A6 D802. 

This Fingerprint is unique to our public key. Use this so that you can verify that you have the right key to encrypt for.

Encrypted Contact Page

For encrypted communication, you can download our PGP key: Public PGP Key

Note
FlowCrypt also provides an Attestation service, you can access that here: https://flowcrypt.com/attester/

If for some reason you are unable to directly communicate with the Manifold Finance security team, you can join the ETH Security Telegram Channel and ask for assistance in reaching out to us.

Responsible Disclosure Policy page.

_{Last updated: 2023-06-30T06:24:20-0700}