- 1. Creating new keypair
- 2. Import Everstake public key
- 3. Encrypting your vulnerability report
- 4. Vulnerability reporting guidelines
$ gpg --full-gen-key
Choose RSA algorithm and 4096 keysize.
In order to encrypt a file for another user as well as to verify their signatures, we need their public key.
You can use one of the following methods to import Everstake's public key:
$ gpg --import everstake-public-gpg.asc
$ gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys dc4086e9056c17234d62a44e302f408b14f95372
Double-check the key before encrypting - everstake-public-gpg.asc
pub rsa4096 2022-05-27 [SC] [expires: 2027-05-26]
DC4086E9056C17234D62A44E302F408B14F95372
uid [ unknown] Everstake <[email protected]>
sub rsa4096 2022-05-27 [E] [expires: 2027-05-26]
After the public key has been imported, you can encrypt a file for us:
$ gpg -r [email protected] -e <some-file>
Please follow vulnerability reporting guidelines on our website.