If you discover a security vulnerability in Coinnect, please report it responsibly:
Email: miguel@coinnect.bot
Subject line: [SECURITY] Brief description
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: within 48 hours
- Assessment: within 7 days
- Fix: as soon as possible, typically within 14 days for critical issues
This policy covers:
- The Coinnect web application at coinnect.bot
- The public REST API (
/v1/*) - The source code at github.com/coinnect-dev/coinnect
- Rate accuracy (rates are informational and change constantly)
- Third-party provider websites linked from Coinnect
- Social engineering attacks
We gratefully acknowledge security researchers who report vulnerabilities responsibly. With your permission, we will credit you in our changelog.
- Email: miguel@coinnect.bot
- security.txt: https://coinnect.bot/.well-known/security.txt