The security of our users' assets and information is our top priority. The XRP Toolkit team is committed to working with security experts across the globe to stay up to date with the latest security techniques.
If you have discovered a security issue that you believe we should know about, we'd welcome working with you. Please let us know about it and we'll make every effort to quickly correct the issue. Depending on the scope and severity of the discovered vulnerability, you may be eligible for a reward.
The following web services are in scope:
XRP Toolkit integrates with several hardware and mobile wallets, including Ledger, D'CENT, Keystone, Cobo Vault and Xumm. This responsible disclosure policy also applies to our wallet integrations, but does not apply to the wallets themselves.
Please follow these rules when looking for vulnerabilities in our systems:
0DC5 B973 F29E BE00 A2B4 982B 55DA 10F0 3FA0 608D
Please include a description of the vulnerability, where you found it and how we can reproduce it. You will be updated on our progress as we triage and patch your discovered vulnerability.
Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.