Table of Contents
Update, June 2, 2026: Gem Wallet no longer operates a standing monetary bug bounty program. Responsible disclosure remains open for good-faith, reproducible security reports through [email protected]. Reports submitted before June 2, 2026 will be handled under the terms that applied at the time of submission.
In November 2025, Gem Wallet launched an official Bug Bounty Program, offering rewards for security researchers who helped identify vulnerabilities in our mobile applications and backend infrastructure.
Security First, Built in Public
Security is our first priority at Gem Wallet. We build everything in public - our entire codebase is open source, allowing anyone to audit, inspect, and verify how we protect your assets. This transparency makes our product more secure, as the community can identify potential issues before they become problems.
By inviting the security research community to help us identify vulnerabilities, we took another step toward making Gem the most secure self-custodial wallet available.
Program Details
Historical rewards: The original program offered $100 to $8,000 based on severity. This standing reward schedule ended on June 2, 2026.
Scope: iOS and Android apps, open-source repositories, and backend infrastructure
How to Report Now: Review the current Responsible Disclosure policy, test responsibly, and submit valid security reports to [email protected]. We respond within 24-48 hours.
We continue to welcome responsible disclosure reports from experienced security researchers and good-faith community members who help protect crypto users worldwide.
