# Security Policy

## Reporting a Vulnerability

To report security issues, send an email to the addresses listed below.
(Not for support. Support requests will be *ignored*.)

Please send any report to *all* emails listed here.

The following GPG keys may be used to communicate sensitive information.


| Name        | Email                                  | GPG fingerprint                                   |
|-------------|----------------------------------------|---------------------------------------------------|
| ThomasV     | thomasv [AT] electrum [DOT] org        | 6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6 |
| SomberNight | somber.night [AT] protonmail [DOT] com | 4AD6 4339 DFA0 5E20 B3F6 AD51 E7B7 48CD AF5E 5ED9 |


#### Where to find GPG keys

You can import a key by running the following command with that
individual’s fingerprint: `gpg --recv-keys "<fingerprint>"`

These public keys can also be found in the Electrum git repository,
in the top-level `pubkeys` folder.