Please follow this policy when reporting a security vulnerability in the dawn-key-management repository.

Email hello@dawnwallet.xyz with a detailed description of the vulnerability. Please describe the issue, how it might be exploited and if possible (although not required), submit a proof-of-concept to us.

The preferred format for a proof-of-concept would be a private Github repo. It can be shared with the Dawn co-founders (Tom and Isaac), whose Github usernames are: thomas-waite and sideround.

You will receive timely updates on the status of the bug report.