We take user security very seriously. If you should discover a potential security concern in Rainway, do not communicate it to us in public.
Instead, follow these steps:
We will respond to you as soon as possible, likely within 24 hours. If we have any further questions, expect a response back.
We encourage everyone interested in submitting a disclosure to read the IETF's "Responsible Vulnerability Disclosure Process" and follow the guidelines and principles within.
Depending on the severity and scale of the vulnerability, you may (at your discretion) be recognized for your work. We are not offering monetary compensation at this time. All reports are subject to a 30 day embargo for user safety.
