Skip to content

Security: trezor/trezor-firmware

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

To report security issues send an email to [email protected] (this is not a support email!).

The following keys may be used to communicate sensitive information to developers:

Name Fingerprint
Pavol Rusnak 86E6792FC27BFD478860C11091F3B339B9A02A3D
Marek Palatinus 71B5A80A63FE12B0D74DABBFE4A883364AAF6E16

You can import a key by running the following command with that individual’s fingerprint: gpg --recv-keys <fingerprint>.

More info about our Responsible Disclosure program is available from https://trezor.io/security/

There aren’t any published security advisories