[Misc]: add SECURITY.MD (#2872)

trustwallet · Jan 17, 2023 · fd2fac8 · fd2fac8
1 parent 14a14b2
commit fd2fac8
Showing 1 changed file with 29 additions and 0 deletions.
diff --git a/SECURITY.MD b/SECURITY.MD
@@ -0,0 +1,29 @@
+# Security Policy
+
+The security of our users' assets is of the utmost importance to us. We take a number of steps to ensure that our crypto wallet is as secure as possible.
+
+## Reporting a Security Vulnerability
+
+If you believe you have found a security vulnerability in our wallet, please contact us immediately at [Bug Bounty Binance](https://bugcrowd.com/binance). We will investigate all reports and do our best to quickly fix any vulnerabilities.
+
+## Responsible Disclosure
+
+IMPORTANT: Do not file public issues on GitHub for security vulnerabilities. Do not publicly disclose the vulnerability until we have had a chance to patch it. This gives us time to fix the problem and protect our users’ assets.
+
+## Encryption
+
+All private keys are encrypted and stored on the user's device. The encryption uses industry-standard algorithms and is designed to protect against brute-force attacks.
+
+## Regular Audits
+
+We regularly conduct security audits of our code to ensure that it is free of vulnerabilities. We also stay up-to-date with the latest security best practices and technologies.
+
+## Bug Bounty Program
+
+As a part of Binance security program, TrustWallet also participate in their bug bounty program. For more information on eligible scope, rewards, and how to submit a report, please visit [https://bugcrowd.com/binance](https://bugcrowd.com/binance)
+
+## Disclaimer
+
+As with any software, there are always potential security risks. We do our best to minimize these risks and keep our users' assets safe, but we cannot guarantee that our wallet will be completely immune to all security threats.
+
+