Skip to content

Security: bitcoin-core/secp256k1

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

To report security issues send an email to secp256k1-security@bitcoincore.org (not for support).

The following keys may be used to communicate sensitive information to developers:

Name Fingerprint
Pieter Wuille 133E AC17 9436 F14A 5CF1 B794 860F EB80 4E66 9320
Jonas Nick 36C7 1A37 C9D9 88BD E825 08D9 B1A7 0E4F 8DCD 0366
Tim Ruffing 09E0 3F87 1092 E40E 106E 902B 33BC 86AB 80FF 5516

You can import a key by running the following command with that individual’s fingerprint: gpg --keyserver hkps://keys.openpgp.org --recv-keys "<fingerprint>" Ensure that you put quotes around fingerprints containing spaces.

There aren’t any published security advisories