Skip to content

Security

Bitcaster’s development team is strongly committed to responsible reporting and disclosure of security-related issues. As such, we’ve adopted and follow a set of policies which conform to that ideal and are geared toward allowing us to deliver timely security updates to the official distribution of Bitcaster, as well as to third-party distributions.

Reporting Security Issues

If you've found a security issue in Bitcaster or in our supported SDKs, you can submit your report to security[@]bitcaster.io via email.

Please include as much information as possible in your report to better help us understand and resolve the issue:

  • Where the security issue exists (ie. Bitcaster Server, SDK, etc.)
  • The type of issue (ex. SQL injection, cross-site scripting, missing authorization, etc.)
  • Full paths or links to the source files where the security issue exists, if possible
  • Any special configuration required to reproduce the issue
  • Step-by-step instructions to reproduce the issue
  • Proof of concept or exploit code, if available

Data Privacy

To encrypt sensitive information that is sent to us, our PGP key can be found on keyservers ⧉ with the fingerprint:

6EA1 A80D DDB2 0FC7 CC38 0612 B48C D721 62AE F583