Security

Contact

To report a security-related issue, please contact us:

We ask that all communication follow responsible disclosure practices and comply with applicable laws.

Dinari meets or exceeds industry best practices on infrastructure security and data protection including but not limited to:

We collect only the data we need and protect it with financial industry-standard encryption in transit and at rest.
Access to production environments and customer data is restricted to authorized staff and audited regularly.
Our software and infrastructure are built and tested with security in mind, using modern tools and hardened cloud environments.
We monitor our systems for suspicious activity and have procedures to respond quickly to incidents.
All vendors and service providers, such as cloud and financial services partners, are audited for strong security and compliance.

We are committed to protecting our customers, partners, and systems, and we welcome responsible reports from the security community.

If you discover a vulnerability or security issue in any of our products, infrastructure, or services, please notify us as quickly as possible.
We will acknowledge your report, triage and prioritize it based on impact and likelihood, and keep you informed of our remediation progress where appropriate.
Once the issue is resolved, we may publish a high-level summary of the vulnerability and our fix, without exposing sensitive implementation details or personal data. With your consent, we may also recognize your contribution publicly.

⚠️
As a small company, we are unable to offer a bug bounty program at this time.

Dinari smart contracts have been subject to a number of audits by reputable audit firms.