# Security Disclosures

Security is a top priority for Ark. If you discover a security issue, please bring it to our attention right away. Please DO NOT file a public issue, instead send your report privately:

- sending an email to <security@arklabs.to>; or
- sending a NIP-04 DM to [npub1hf5...dp8n](https://primal.net/p/npub1hf5sgehj874r3y2hps9r36qap20cffauc7t895var2ajlsg32mcqa7dp8n).

Security reports are greatly appreciated and we will publicly thank you for it.

The following keys may be used to communicate sensitive information to developers:

| Name | PGP Public Key URL | Fingerprint |
|------|-------------|-------------|
| Marco Argentieri | [https://github.com/tiero.gpg](https://github.com/tiero.gpg) | 0F6586CE8DA12FB1 |
| Pietralberto Mazza | [https://github.com/altafan.gpg](https://github.com/altafan.gpg) | 6C7639DEA147673B |

You can import a key by running the following command in your terminal and verify the fingerprint matches the one above:

```bash
gpg --fetch-keys <PGP Public Key URL>
```