Protecting cryptocurrency through responsible disclosure of quantum vulnerabilities

Our approach to vulnerability disclosure

Disclosure of security vulnerabilities is a controversial topic. On the one hand, the “no disclosure” position states that publishing vulnerabilities provides malicious actors with instructions for attacks. On the other hand, the “full disclosure” movement argues that knowledge of security vulnerabilities allows the public to exercise caution and protect themselves while providing incentives for security fixes. In the area of ​​computer security, the debate centers on a series of trade-offs known as “Responsible Disclosure” and “Coordinated Vulnerability Disclosure.” Both advocate disclosing the vulnerability with an embargo and a certain period of time so that security updates can be deployed to the affected systems. Variants of responsible disclosure with strict deadlines have been adopted by leading security research institutes such as CERT/CC at Carnegie Mellon University and…