We take security seriously. The Reggie team commits to:
- Acknowledging your report within 24 hours.
- Reproducing the issue within 3 business days.
- Issuing a fix or mitigation within 30 days for high-severity issues.
Report
Email security@l1fe.ai with:
- A description of the vulnerability.
- Steps to reproduce.
- Affected versions.
- Any proof-of-concept code.
For sensitive disclosures, encrypt with our PGP key (fingerprint
5F2A 9D8C 7E1B 4F6D 8A93 C1A0 4B2E 7D8F 9C45 1E6A).
Bug bounty
Reggie runs a bug bounty program through HackerOne. See hackerone.com/l1fe for scope and reward tiers.
Hall of fame
Researchers who responsibly disclose receive credit on reggie.ml/security/hall. Bond slashing discoveries earn an automatic 10% of the slashed amount.