Bug Bounty Program

Hall of thanks

Special thanks to the following people for helping make our products more secure.

1. Saleem Rashid 4900 points
2. Christian Reitter 200 points
3. jubobs 200 points
4. Joseph Jose 100 points
5. Maksym Kraynyuk 100 points
6. Virendra Tiwari 50 points

How to disclose

Step 1.Include the following information in your report.

  • Code or proof of concept so we can reproduce the vulnerability
  • Description of the vulnerability
  • Your name/handle: In order for us to give you proper recognition if you wish.

Step 2. Use the following PGP key when submitting sensitive information.

  • security@shiftcrypto.ch
    PGP: 4B40 A37E D0BB 0775 EA91 0A31 684B DEA7 EF01 480E

Step 3. Send report to security@shiftcrypto.ch

After your submission, we will follow up with you as part of the review process. Once we have determined that you have found a security bug, we will give you recognition for your work as part of our “Hall of Thanks” (if you desire) and allow you to claim your bounty reward.

Please read the details for full requirements on how to be eligible for the bug bounty program.

Security Announcements

We encourage you to sign up to the security announce mailing list to stay up to date with the latest security news from Shift, including release notes and bug fixes.

To subscribe, please send an email to security-announce+subscribe@shiftcrypto.ch or follow this link: https://groups.google.com/a/shiftcrypto.ch/group/security-announce/subscribe