Bug Bounty

We care tremendously about the security of our products and value working with independent security researchers.

Scope

While we have many products, the bug bounty system covers the following products:

  • the Glow iOS app
  • the Safari extension in the iOS app
  • the Chrome browser extension (coming soon)

Rules

  • The Glow team will decide on reward eligibility along with reward sizing.
  • Any disclosure reported to the public first will disqualify the submission.
  • Disclosures may be submitted over email to security@glow.app
  • We restrict bugs to the following categories:
    • A bug that will lead to the leaking of the recovery phrase or secret key to a third party.
    • A bug that will lead to the wallet being locked and not recoverable.

Rewards

  • Higher rewards will be given to better written reports.
  • Rewards may be up to $250,000 and will be based on:
    • The severity of the bug.
    • The likelihood that the bug will affect users.
    • The responsibility of the researcher — did the researcher take destructive action or otherwise harm the functioning of our systems.
    • How well the report was written and how easy it is to understand.

Other Terms

By submitting your report, you grant Glow all rights to validate, disclose and mitigate the vulnerability. All reward decisions are up to the discretion of the Glow team.

This terms and conditions may be altered at any point.

Submit a Bug

You can submit a bug by emailing here: security@glow.app