Please send any issue that you feel affects the security of Trustroots to [email protected] or via our contact form.

If we do not respond promptly, please send us a quick message without details to one of the following:

• An issue at GitHub
• Message @trustroots on Twitter.
• Give us a heads up on IRC in #trustroots on Freenode.

We unfortunately don't currently have any budget to pay for security bug bounty programs. :-( We are a non-profit, open source, volunteer based organisation.

• December 24, 2019 Check for user id before modifying offer , kudos Kenny Flannery

• https://www.trustroots.org/.well-known/security.txt