We welcome responsible and constructive security review.
The Onionr software and any nodes you control are within scope.
Avoid social engineering, volume-based denial of service and disrupting or harming the Onionr network. Do not attempt to exploit any machines/servers you do not own or otherwise have permission to do so.
The following exploits are of particular interest:
We do not consider non-network based same-machine attacks to be very significant, but we are still willing to listen.
Onionr is a student-owned hobby project, resources are not available for large rewards.
Stickers or other small rewards are available. We reserve the right to refuse rewards for any reason.
Public recognition can be given upon request.
Email: beardog [ at ] mailbox.org
PGP (optional): F61A 4DBB 0B3D F172 1F65 0EDF 0D41 4D0F E405 B63B