Security @ Glif

We operate a bug bounty program and are happy to compensate white-hat hackers for responsible disclosure of security vulnerabilities. Currently all types of issues across all glif-related domain names and social media accounts are considered in-scope.

Please email security@glif.xyz with info about the issue you've found and we'll get back to you as quickly as possible.

If necessary we can provide PGP keys or switch to Signal for more secure communication.

The size of the bounty paid is based on the severity of the issue - e.g. would it cause financial damage, would it reveal personal information, could it be used for spam or abuse, etc. and if it allows for mass data access vs. requiring individual users to take action to be compromised.

Thank you for your help!