Report a vulnerability

Swan prioritizes offering secure services and protecting all Swan accounts. Researchers and the Swan community are encouraged to report all security-related issues. Swan thoroughly investigates all reports internally while coordinating with you to fix the issue and prepare a responsible disclosure.

Trust Center

Visit Swan's Trust Center for live information about Swan's security. Understand security measures in depth, review policies, and find answers to frequent security questions.

Report a vulnerability

To make a security vulnerability report, email security@swan.io with the full details, including steps to reproduce the issue.

If you'd like to encrypt the email (not required), please use the provided GNU Privacy Guard (GPG) key, attributed to Swan's security team.

Encryption GNU Privacy Guard (GPG) key

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGMRwxMBEADX+27SleleHaxYfU0ey+qH3KS3rS/L52xOKGyMDXtGw38mNWyn 6P7JvIcx86ti4HkplYRAw36FZSAK9NGSM2tnjfVzv7oJKhWg5EI/9gPQpKPktDQS xaD7ImGBuF42u0b7eJK5AvAizQ8RwMaKezo84gDMZdRkV4vPiWTxUH23uwD0ey57 13JjrzLqrr3t1ZkXE52nt+h89LR6q/78IJwtCHb/ZhHCw/giI37Ix25+MlVDrIB8 0mltoyUm/bFtR01hX97116KR4T4WhGJMackDG3AULm4YjPxBUQiuMWn+4DR+CBde xKrq+v2Q85/dq3HRaZ+Z3a2d7Yenne9AyTp19gCEy6+4ld1j170Cj7V7auB/bJcw 8Mzkd6JS02XWcC0Aq961AM7EQ6DZom+Q8lyqdRIjTI/QjWZSULQNusd7vJvFdEz3 Bd6YIFeC7chodN9TIaCOfJJJJIoN2ntB69uX2cyYtIr/keNkIL/vOgbwTfm0CviP h76GFgN1YiwJ4JGe4DmATmjBDtRf6SUalXL3fQeP6eBCnEPh3paCx3RyWkThme4L rbYR8EqFV9ipVnUTdN4i1IgVn5rydVpqqJd9zmN5Jk+xvgbthy1gxPFNFt26ZAXE FrbI/Xx0g6fNhN+51Z93OP2ckPT6+MkoZjB7WMiA5NsgeiAop3GTMYZdiwARAQAB tCVTd2FuIFNlY3VyaXR5IFRlYW0gPHNlY3VyaXR5QHN3YW4uaW8+iQJOBBMBCAA4 FiEEhpdeLqFNMSQgGJ+O1VBNzkad0mwFAmMRwxMCGwMFCwkIBwIGFQoJCAsCBBYC AwECHgECF4AACgkQ1VBNzkad0mxl4Q//TWMc2wPuYnr/m896IQqhUUzp+9jBb1/v 0a19J/aCRPw72i10az5PDXFpagPUE2gQoeTxT3A/0Sg9zYc2TBT0iP+zrj9GD1/W K0zM1efolRIHlUyOjyFjLAn6RNXKg8lyhWCv88hNSoKQ88bW3+GG3bnO1R+mPgCe m1AIQQE0pBP/I0K3XpLDQvdY22vkWpcXNbULjcirHG6JRWfJmlYhGRLQnAFdzzG4 afzD5k97fxdChJz78hpoUbmD9EZMbcoOgCQJyodzYQevwNDQ89SBLh2wQT9Bzm3y EE/vsqMG0aYKh0r6L9XfqPxTahcpEKT42mvkCLlmWy+HlEvicME9BStGST7C/a7I wpUx4nuqdPB4GIgxgOkaBbkotgxCammDe3qjQjtIRs/h7AhG/rXhNni1kzeQSZ5u SPvnkaUJvnT8tEQw+dU31z2MWq7M8LRgMsi4nKhDPpKBLH/ITGpTbyDCa1cPKTKD ey468x+8uJl+s1w/9Xg4pyT1fcBPzcc131gWykO6cqT9szITu518zBY2Hw54ywzf fHWJjI6sZ+ggYnj4ELVcLswIpPU2yWI6pXU+Ume8tHJvAAqyrqPqcyORNPZrwBjw AOMHB1RpFwqmyY8XbMUzFB/m1WnH29mbDS7UhWvqGpUeKfuowBZs8tDAR5YjJh32 3+2luh0mmOO5Ag0EYxHDEwEQAO5Z0iGFmLsSC/dWWXSYjOOuQM+S12iF7ot9grEY Pjlr4GqI2jhh7u/QuSCyvp54yF3DkAGT8on/IYv7PksnPOw32apWqinADGJWYCAD NgPMxo019+qGWbf4qUUooWLots0VJjCNhF2OPGmSGv5c/O1gespAC1E1CX5wgPEn hSkU1kUACauXyJYrs4tL5VKOcx1Km4J3kyCJYyE9RfTC5s0KovI/qKGgcCqFO4Bv iqT4aTbkhPdbztMPRgUobd3UoHyMA+lvAHnyOix47U+LQ43BMuHRuF0g3z8gpx4j 6RdJoqueLg/tMuRJ250kUU8bWpXEmOUjH1dZkT6m03Ez6oIFvxCTiPEe9VveXZkH przs4L+AdnAaAsOD4joz0kqD7Wu16yw0TPubJpYV+TWzo854gLqFIdR6hoAnY78U d6thq4kPHkZqG0qIqcfpvBKBxli4Ecza7utwYCSDkW7C5c9hGV8TtE6Sj4sh/oZP YXIjb9iNcLhD1Npnli6fUs1Uf5P0aedU1TLSunI1tzGr4gD6HqJX4BXc1TKQKPrL sRtscfdAHPy+QFLhK59ALalvvDwAHqu/EhlOi8xypBAhOAe3seAL7QYE8wNaVh0F qBmI363JEum0Cv7ObGUlPta/bEIRjnI0TbwsX+Bpt3QB51/1j1f8MYKKToOr6m4D DrK1ABEBAAGJAjYEGAEIACAWIQSGl14uoU0xJCAYn47VUE3ORp3SbAUCYxHDEwIb DAAKCRDVUE3ORp3SbK6CD/9+SWRPjIiAgSELmUBOCrJf4dl6wuJhuJumFrlO2CMb u7bfNg/P3eO533cF5SACH00t7qtgYWh/ykix3r+8nbbXGBX5PAo2FG2yVb8xiodQ wL8A6Wxa4XAQ0pFlQ3gWxMEvDmDJoCd3JvLAtdOxh0ytgLYENDz284sxdJp6t5F9 PwIc/eGPxIdfUdG82G9VM2TlYu59Glm1IhJy47CTzcqSiSn/kTmco628p9qI2aBh 7uyePaVXcJa9mz6KQos8HUlK4CRD/O7zNsAztl6MjTgJaTUfPj0qMZ2zMFelpj+F PoNEAuI28x5l89R+7+i+8Q4Pre6XLptVpbaNSrda5pc17hBTpNl7jpn0gcZbkto3 OIk32GFbSJnP/EFqoicEDHnzhRoDPoay5okwW5bWDA5xNseHTrwdyEm5hmF5GfsD xTeKTuphDxquHTPNaG2Z1Hx69J6bWtVlg7FTxhA9EN0lgnJSqQqy1T2EsbgjpsUx 4AocHZFOWGl4lsGROn7XZfvq8L04Kt6pBL41KW83GwscJQBDvDxNquZSw0bfBN0k g1+djZnolh3dHGzMHkAn1l664UDije1+zrRLr0ucA+MavlEKBsB5ZskgnaWVeYaY QJL+JSPQ3KKh6YdpZO9ppOnx9eDgl4/Cok/9OYyG+n+444KZZ3Pw+zKlcPd9SrW7 Ag== =LEk2

-----END PGP PUBLIC KEY BLOCK-----

Please file a report if...

1. You think you discovered a potential security vulnerability in Swan's APIs or services.
2. You are unsure how a vulnerability affects Swan's APIs or services.
3. You think you discovered a vulnerability in another project that Swan depends on.

Please don't file a report if...

1. You need help fine-tuning Swan components for security.
2. Your issue isn't security related.