We are constantly working to make our systems very secure. However, it is always possible we missed something. If you discover a flaw, we appreciate your cooperation in responsibly investigating and reporting it to us so that we can solve it right away.
Please send us details about the vulnerability by email ([email protected]) and provide us with enough information to reproduce and investigate the problem.
Please respect the following guidelines:
• do not use a denial-of-service attack or social engineering;
• do not use any user account other than your own account on Coinmerce;
• your research should never result in client data becoming public;
• never modify or delete data or make any system changes;
• do not try to penetrate a system more often than necessary;
• do not use brute force techniques;
• do not do anything that may affect the availability of our services;
• do not make a vulnerability public.
To thank you for your help we may offer you a reward, but we are never required to offer a reward. We only offer rewards for issues that were unknown to us at the moment of reporting.
Factors in deciding about the reward include the severity of the issue and your overall cooperation in following our guidelines.