[bitcoin-dev] Responsible disclosure of bugs

Simon Liu simon at bitcartel.com
Tue Sep 12 16:10:18 UTC 2017


It would be a good starting point if the current policy could be
clarified, so everyone is on the same page, and there is no confusion.


On 09/11/2017 09:49 PM, Sergio Demian Lerner via bitcoin-dev wrote:
> Historically people have published vulnerabilities in Bitcoin only after
>>80% of the nodes have upgraded. This seems to be the general (but not
> publicly stated) policy. If you're a core developer and you know better,
> please correct me.
> 


More information about the bitcoin-dev mailing list