Ethereum Bounty Software

The Ethereum Bounty Program gives bounties for bugs. We call on our network ETHEREUM and all trojan horse bounty hunters to assist pick out insects inside the protocols and customers. Earn rewards for finding a ETHEREUM vulnerability and get a place on our leaderboard. See Rules & Rewards phase for details. ETHEREUM

1.

Martin Holst Swende*

holiman

33500 pts

2.

Sam Sun

samczsun

22000 pts

three.

ChainSecurity

chainsecurity

21000 pts

4.

Juno Im

junorouse

20500 pts

5.

Yoonho Kim (team Hithereum)

uknowy

20000 pts

6.

John Youngseok Yang (Software Platform Lab)

johnyangk

20000 pts

7.

PeckShield

peckshield

17000 pts

8.

ItsUnixIKnowThis

itsunixiknowthis

15000 pts

nine.

Bertrand Masius

catageek

15000 pts

10.

Tin

tintinweb

12500 pts

eleven.

Ralph Pichler

12500 pts

12.

Bob Conan

12000 pts

thirteen.

Łukasz Matczak

lukaszmatczak

11000 pts

14.

Heilman/Marcus/Goldberg

10000 pts

15.

Jonas Nick

jonasnick

ten thousand pts

16.

Sebastian Henningsen

8000 pts

17.

Dominic Brütsch

7500 pts

18.

Harry Roberts

HarryR

5000 pts

19.

Peter Stöckli

p-

5000 pts

20.

Neville Grech

Dedaub

5000 pts

21.

John Toman

jtoman

5000 pts

22.

EthHead

EthHead

5000 pts

23.

Daniel Perez

danhper

2500 pts

24.

Yaron Velner

yaronvel

2000 pts

25.

Whit Jackson

whitj00

2000 pts

26.

Ming Chuan Lin

2000 pts

27.

Melonport team

melonport

2000 pts

28.

Maurelian

maurelian

2000 pts

29.

Christoph Jentzsch

CJentzsch

2000 pts

30.

DVP (dvpnet.io)

DVPNET

1200 pts

31.

Vasily Vasiliev

a thousand pts

32.

talko

talko

one thousand pts

33.

Steve Waldman

swaldman

a thousand pts

34.

Panu Kekäläinen

ptk

1000 pts

35.

Josselin Feist

montyly

1000 pts

36.

henrit

henrit

1000 pts

37.

Marc Bartlett

BlameByte

one thousand pts

38.

Barry Whitehat

1000 pts

39.

Lucas Ryan

badmofo

1000 pts

40.

ETHEREUM Alex Groce

agroce

one thousand pts

41.

Daniel Briskin

n0thingness

750 pts

forty two.

Daenam Kim

daenamkim

750 pts

43.

Myeongjae Lee

500 pts

44.

Marcin Noga (Cisco/Talos Security)

500 pts

forty five.

jazzybedi

500 pts

46.

Feeker – 360 ESG Codesafe Team

feeker

500 pts

47.

Jonathan Brown

ethernomad

500 pts

48.

David Murdoch

davidmurdoch

500 pts

49.

Alexander Wade

wadeAlexC

500 pts

50.

Luis Schliesske

gitpusha

2 hundred pts

* No longer eligible for bounties, on account that October 2016. Martin now works for the Ethereum Foundation and, among other things, manages the trojan horse bounty application.

2021-07-13: In order to get extra eyes on the modifications coming within the London upgrade, all bounties for vulnerabilites related to London upgrade will be doubled, up until the upgrade takes place. Examples of problems that would be eligible for a doubly are pass-consumer consensus problems between the following customers: Geth, Besu, Nethermind, OpenEthereum and Erigon.2021-07-12: We welcome Bob Conan to the bounty list. Team (?) Bob Conan recognized a number of as of yet undisclosed issues with pass-ethereum transaction pool internals.2021-04-09: John Toman (Certora) were given another 1K points due to “ABIDecodeTwoDimensionalArrayMemory” protection vulnerability that turned into constant in Solidity model 0.eight.four.2020-12-09: Welcome John Toman (Certora) to the bounty-list! John observed the “empty bytearray reproduction trojan horse” aswell because the “dynamic array cleanup computer virus” in Solidity, every well worth 2K points. Also, Łukasz Matczak earned every other 5K factors for a DoS within the LES server, patched for v1.nine.25.2020-10-05: We welcome John Youngseok Yang (Software Platform Lab) to the leaderboard. John mentioned two severe vulnerabilities associated with geth, every of which scored 10K points. Congratulations and nicely performed!2020-09-18: David Murdoch and Martin Ortner earned 500 points each. David determined an RPC vulnerability in geth, and Martin discovered a far flung DoS (instacrash) within the discovery implementation of Trinity.2020-08-26: Sam Sun managed to gain any other 2K factors via a protocol-stage vulnerability, the info of which wishes to remain difficult to understand for some time but. Also, we welcome Luis Schliesske to the bountylist, with 2 hundred points for findings concerning Solidity.2020-05-29: ItsUnixIKnowThis changed into provided 10K for a Clef-associated vulnerability, and 5K for a Geth-associated vulnerabilty. Another 1K factors were provided Alex Groce, for numerous vulnerabilities reported to the Solidity team.2020-03-03: Sam Sun, the prolific bounty-hunter who has managed to discover zero-days in each smart contracts and client implementations, earned any other 10K bounty factors for the ENS vulnerability which necessitated migrating all facts to a new registrar. Congratulations Sam!2020-01-07: Towards the quit of 2019, we paid out numerous bounties. ChainSecurity earned some other 8500 points, for three separate reviews; a thousand points for a sluggish execution on Geth, due to an useless copying of facts whilst CALL editions have been made with with big calldata. They additionally earned 5000 factors out of from the‘pot’ of money allotted toward EIP opinions, with their help in assessing the security of EIp-1884; which also earned Neville Gretch (agreement-library.com) 5000 points. And ultimately, collectively with Daniel Perez (split 50/50), they submitted a DoS vector for Geth/Parity which earned them 2500 points each. Congratulations to all new individuals at the top list, we’re searching forward to greater high fine bounties in the course of 2020!2019-10-16: Josselin Feist turned into offered one thousand factors for a Vyper vulnerability concerning characteristic identification collisions, said in July 2019 (sorry about the delay!). Reminder: Vyper remains taken into consideration experimental!2019-09-30: Maurelian has been offered 2000 factors for a vulnerability concerining Vyper. Vyper did now not propely handle the instances wherein two separate nonreentrant() decorators have been exact. Reminder: Vyper continues to be taken into consideration experimental!2019-08-22: The Ethereum 2.zero Team has announced a bounty concerning Legendre PRF. Head over there to test the details!2019-07-30: Ming Chuan Lin pronounced approximately bugs inside the encoding of Solidity storage arrays, earning 2000 factors. Welcome to the list!2019-06-24: Sebastian Henningsen mentioned to us about a P2P eclipse assault, and earned 8K factors for that. Well accomplished!2019-05-03: Juno Im / Theori discovered a DoS vulnerability within the Geth p2p layer, and turned into offered 10K points. Congratulations!2019-04-23: Sam Sun managed to discover a severe vulnerability in the consensus place, and earned 10K factors. Congratulations and welcome to the leaderboard! Also, The Melonport group (Travis Jacobs & Jenna Zenk) and the Melon Council (Nick Munoz-McDonald, Martin Lundfall, Matt di Ferrante & Adam Kolar) stated the Solidity ABIEncoderV2 bug which awarded them 2000 points.2019-03-09: Łukasz Matczak earned another 1000 on a peer-DoS through imparting malformed facts, Myeongjae Lee earned 500 factors through reporting a phisher-stash of stolen facts.2019-03-02: Łukasz Matczak earned 5000 points thru vulnerabilities within the p2p layers in Geth, that could cause amplification attacks. ChainSecurity and Ralph Pichler were provided 25K points for the vulnerability record that prompted suspending the Constantinople fork, which changed into nicely submitted via the bounty program earlier than launched publically. The Ethereum Foundation has chosen to double that reward, and positioned some other $25K to be used for destiny security audits of EIPs.2018-10-16: Peckshield has climbed better on the leaderboard, with another 5K factors for geth DoS vulnerabilities, and also identified Constantinople flaws (1200 factors) which were submitted via the DVP vulnerability platform. Also, Feeker earned 500 factors for a Geth DoS through RPC.2018-08-09: We have up to date the scope of the bounty application, to be greater explicit approximately what we are interested in – what’s included within the scope and what isn’t.2018-08-02: PeckShield has been offered 12000 factors for three separate reviews.Geth DoS through discovery protocol (2000 factors)LES Server DoS via malicious query (5000 points)LES Server DoS via AnnouceMsg (5000 factors)2018-03-28: Several new entries on the leaderboard! Congratulations, and thanks!First off, we’ve got offered 10 000 points to the ETHEREUM researchers from Boston University: Sharon Goldberg, Yuval Marcus and Ethan Heilman, for their research approximately eclipse attacks on geth nodes. The fixes were blanketed in 1.eight.zero.Dominic Brütsch changed into presented 7500 points for a vulnerability which might be used to trigger gradual block processing in geth, which has been fixed in 1.8.three.Two DoS vulnerabilities in geth RPC methods had been said by way of Vasily Vasiliev, awarded 500 factors every.We also offered ‘jazzybedi’ with 500 factors for alerting us approximately DNS rebind vulnerabiliites, which were additionally fixed in 1.8.0.2018-02-12: Barry Whitehat has been introduced to the leaderboard, for a discrepancy in how Geth vs Parity handled ‘future’ blocks. The discrepancy may want to doubtlessly purpose a mining minority be at a disadvantage. This has been fixed by means of aligning how Geth and Parity treats such blocks.2018-01-sixteen: See the blog for a protection declaration regarding the Mist Browser. The Mist browser is not taken into consideration production software program, and we are able to no longer pay complete rewards for upstream bugs.2017-12-13: Yoonho Kim, of crew Hithereum, has scored every other 5000 points; once more for an RCE in Mist/Electron. Also, Peter Stöckli submitted a Mist-vulnerability which granted him 5000 points. Congratulations each! A very crucial reminder: the Mist browser isn’t secure for browsing the net. Marcin Noga of Cisco/Talos security also submitted a few troubles to cpp-ethereum, which received him 500 points.2017-eleven-28: Juno Im, has scored any other 5000 factors; again for an RCE in Mist/Electron.2017-10-09: Yoonho Kim, of crew Hithereum, has scored 15000 factors for a 0-day vulnerability (far off command execution) in Mist/Electron, which become ultimately patched upstream and made into the ultimate Mist-launch. Juno Im has been offered some other 500 points for a Geth get admission to control difficulty.2017-09-19: In order to get some more eyes on the Byzantium implementations, we’ve temporarily elevated the rewards: Between now and the Byzantium mainnet hardfork, we will double the ratio of factors-to-USD for any vulnerabilities affecting cross-client consensus or Geth denial-of-carrier. A ‘High’ can for that reason yield up to $30K USD, and ‘Critical’ as much as $50K USD. All Byzantium functionality is considered in-scope, as if it changed into already enabled on the mainnet.2017-09-14: Harry Roberts has been awarded 5000 points for discovering a computer virus in how Solidity implemented ecrecover. See release notes for v0.four.14 for further information.2017-07-28: Juno Im has been awared 5000 points for a Mist-vulnerability concerning uploading of maliciously crafted pockets-files.2017-05-31: Whit Jackson has been offered 2000 factors for hex-encoding ambiguities in EthereumJS, Christoph Jentzsch has been awarded 2000 factors for the solidity optimizer malicious program, and ‘Tintin’ was provided any other 2000 factors for a trojan horse in a third-celebration component for CPP-ethereum.2017-05-02: Yaron Velner has been presented 1000 points for an ENS-submission, where by using ENS 2nd rate can be manipulated thru replay, forcing winners to pay the full quantity presented.2017-04-07: EthHead and Steve Waldman had been delivered to the leaderboard for their ENS findings. Bug 1 and malicious program 22017-04-07: ENS is now formally covered inside the software.2016-12-01:Solidity is now formally covered within the malicious program bounty application.2016-11-10 We’re please to have three new names at the leaderboard, Bertrand Masius (Solidity trojan horse), tintinweb (Mist vulnerabilities) and Yaron Velner (EXP opcode mispriced).2016-07-15: The Ethereum tough fork code is in scope of the Ethereum bounty software. Please see the trendy difficult fork specification.2016-01-26: BTC RELAY is now in scope of the Ethereum bounty program. Please see BTC RELAY Bounty Program and BTC RELAY Spec for greater info and precise scope.2015-09-02: With Martin (@mhswende) finding any other consensus protocol computer virus in the Python customer, he’s now climbed beforehand of nickler and we’ve got a new leader on the leaderboard! We’ve additionally clarified reference to the Python purchaser and it’s scope within the bounty application (see hyperlink underneath inside the references).2015-07-30: As we are launching Frontier, we can preserve the bounty software in the course of and at least till Homestead. One extension, and one alternate: From now on, center CPP libraries will be in scope as nicely. The genesis block inscription reward is altered to an entry within the namereg. Happy looking!2015-06-11: As the Ethereum customers have become more strong and secure, we’re happy to announce Proof-of-Work (Ethash) and the Go P2P implementation are actually also in scope and eligibile for rewards. The broaden department is the target.2015-03-19: The bounty program will continue to be strolling for as a minimum the period of the upcoming Ethereum frontier release. Please see the Ethereum weblog for extra statistics about Frontier!2015-02-27: These scripts through Jonas Nick can be beneficial to build the Ethereum Go purchaser and test it. Please see the bash scripts for construct instructions and the python script for a simple example of calling the JSON-RPC API. Please be aware the currently known problems2015-02-27: Another important vulnerability found by using Jonas Nick. Awarded with 5 BTC, this exploit triggers a computer virus within the Ethereum VM to create ether out of thin air.2015-01-30: Friendly reminder: Ethereum web sites are out of scope for the bounty software and not eligible for rewards. With that stated, we are grateful for submissions regarding website protection and could paintings to fix those problems.

Please have a examine the bullets under earlier than starting your hunt!

Issues which have already been submitted via every other person or are already regarded to the Ethereum team aren’t eligible for bounty rewards.Public disclosure of a vulnerability makes it ineligible for a bounty.You can start or fork a private chain for worm hunting. Please appreciate the Ethereum foremost and test networks and refrain from attacking them.Ethereum’s center improvement crew, employees and all different people paid by the Ethereum assignment, directly or in a roundabout way, are not eligible for rewards.Anyone who works with the codebase as a expert Ethereum developer isn’t eligible for rewards.Ethereum web sites or Ethereum Foundation infrastructure in fashionable, are NOT a part of the bounty application.Ethereum bounty application considers some of variables in determining rewards.Determinations of eligibility, score and all terms related to an award are at the only and very last discretion of the Ethereum Foundation worm bounty panel.

The fee of rewards paid out will range depending on Severity. The severity is calculated according to the OWASP chance score version primarily based on Impact and Likelihood :

Reward sizes are guided via the rules below, but are ultimately, determined at the only discretion of the Ethereum Foundation bug bounty panel.

Critical: up to twenty-five 000 factorsHigh: up to 15 000 pointsMedium: up to ten 000 factorsLow: up to two 000 factorsNote: up to 500 points

1 point currently corresponds to one USD (payable in ETH or BTC), something which may additionally trade with out prior notice.

OBS! Between 2017-09-19 and Byzantium hard-fork on Mainnet, every factor corresponds to 2 USD for problems associated with move-consumer consensus or geth DoS vulnerabilities.

Beyond economic rewards, each bounty is likewise eligible for listing on our leaderboard with points accumulating over the direction of this system.

In addition to Severity, other variables are also taken into consideration while the Ethereum Foundation trojan horse bounty panel comes to a decision the rating, such as (however now not restricted to):

Quality of description. Higher rewards are paid for clean, properly-written submissions.Quality of reproducibility. Please encompass check code, scripts and detailed commands. The less difficult it’s far for us to breed and affirm the vulnerability, the better the reward. Please see the wiki and repos to examine more about our take a look at suite inside the authentic documentation.Quality of repair, if covered. Higher rewards are paid for submissions with clear description of how to restoration the difficulty.

Important Legal Information

The trojan horse bounty program is an experimental and discretionary rewards application for our energetic Ethereum community to encourage and reward people who are assisting to improve the platform. It is not a opposition. You have to recognize that we are able to cancel this system at any time, and awards are at the only discretion of Ethereum Foundation computer virus bounty panel. In addition, we are not able to problem awards to those who are on sanctions lists or who are in nations on sanctions lists (e.g. North Korea, Iran, and so on). You are chargeable for all taxes. All awards are situation to applicable law. Finally, your testing must no longer violate any law or compromise any information that isn’t always yours.

Our trojan horse bounty application spans give up-to-stop: from soundness of protocols (along with the blockchain consensus model, the wire and p2p protocols, evidence of labor, and so on) and protocol/implementation compliance to network security and consensus integrity. Classical purchaser security as well as protection of cryptographic primitives also are a part of the program. When in doubt, send an e-mail to bounty@ethereum.org and ask us.

Below a few guidance can be found on what we’re commonly interested by listening to about.

Geth security

Geth is an Ethereum consumer written in Go. Areas that commonly are in scope are:

Consensus protocol compliance: are there any flaws that might make Geth deviate from consensus?This are consists of EVM operations, precompiles, block validation and so on.Account control flaws: flaws which could put quit-person money owed at chance.DoS issues: flaws that makes Geth crash or carry out very slowly.Includes suboptimal EVM operation, failure to address assaults on the protocol stack

Some areas of Geth are ‘experimental’, and now not but enabled by way of default. Yes, these also are covered, however the ‘Impact’ of problems inside the regions beneath can be counted as low.

LES

The LES (mild customers) elements of Geth are twofold: server and consumer. For LES, we’re interested in

LES Server or Client: RCE-sort of vulnerabilitiesLES Server: DoS vulnerabilities

Py-evm/Trinity

Py-evm is a python implementation of the Ethereum Virtual Machine, and the basis for Trinity. The Trinity customer is presently in an alpha release level and isn’t appropriate for undertaking crucial manufacturing use instances. Both of those additives are included inside the bounty scope, but any problems suggested may have a lowered Impact given that there are already acknowledged issues and they may be now not taken into consideration production release.

Solidity language safety

See Solidity SECURITY.MD for more information about what’s protected on this scope.

Solidity does now not hold safety guarantees concerning compilation of untrusted input – and we do not trouble rewards for crashes of the solc compiler on maliciously generated data.

Out of scopeWhisper

Whisper is out of scope.

LLL language protection

LLL isn’t always protected within the trojan horse bounty.

Pyethereum/Pyethapp

Pyethereum is a legacy Ethereum implementation, and the idea for the Pyethapp python customer implementation. Both of those at the moment are deprecated, in favour of py-evm/Trinity, and not now not in scope of the bounty software.

Vyper language protection

The Vyper language is a new, experimentalprogramming language for the EVM. It remains beta software program, and as such is not predicted to be malicious program-unfastened, and is consequently not covered inside the bug bounty.

Swarm

Swarm was once a part of geth, but has due to the fact moved out to it’s personal organisation.

EthereumJ/Harmony

EthereumJ EthereumJ is a legacy natural-Java implementation of the Ethereum protocol, and the idea of Harmony, but is not actively maintained.

Aleth

Aleth is an implementation of an Ethereum node in C++. This patron isn’t protected, as the development has ceased and Aleth isn’t always going to implement future forks.

ENS safety

ENS is maintained via the ENS foundation, and isn’t always a part of the bounty scope.

Other customers/matters

Clients now not developed through the Ethereum Foundation might normally not be covered by means of the bounty application. For Parity, please go to their bounty program.

ERC20 agreement bugs are normally now not protected in the bounty scope. However, we will help attain out to affected parties, which include authors or exchanges in such cases.

Ethereum.org infrastructure

Our infrastructure; including webpages, dns, electronic mail and so forth, are not a part of the bounty-scope.

So, what have to an excellent vulnerability submission look like?

Here is an example of a real issue which became previously present inside the Go customer:

Description: Remote Denial-of-provider using non-verified blocks

Attack situation: An attacker can send blocks that may require a excessive quantity of computation (the maximum gasLimit) but has no evidence-of-paintings. If the attacker sends blocks constantly, the attacker may also force the victim node to 100% CPU utilization.

Impact: An attacker can abuse CPU usage on far off nodes, possibly causing full DoS.

Components: Go patron model v0.6.8

Reproduction: Send a block to a Go node that incorporates many txs but no legitimate PoW.

Details: Blocks are tested inside the approach Process(Block, dontReact). This technique plays high priced CPU-in depth duties, such as executing transactions (sm.ApplyDiff) and later on it verifies the evidence-of-work (sm.ValidateBlock()). This lets in an attacker to ship blocks that may require a excessive amount of computation (the most gasLimit) but has no evidence-of-work. If the attacker sends blocks continuously, the attacker can also pressure the sufferer node to 100% CPU usage.

Fix: Invert the order of the checks.

So, the trojan horse bounty application is time confined?

No stop date is presently set. See the “News & Updates” segment above, and the Ethereum weblog for the cutting-edge information.

How are bounties paid out?

Rewards are paid out in ETH or BTC after the submission has been established, generally a few days later. Local legal guidelines require us to ask for proof of your identity. In addition, we are able to want your ETH/BTC deal with.

Can I donate my reward to charity?

Yes. We can donate your reward to an established charitable enterprise of your desire.

I stated an problem / vulnerability however have now not acquired a reaction!

We goal to reply to submissions as speedy as feasible. Feel loose to e mail us if you have no longer acquired a response inside an afternoon or .

I need to be anonymous / I do no longer need my call or nick at the leader board.

Submitting anonymously or with a pseudonym is OK, but will make you ineligible for BTC rewards. To be eligible for BTC rewards, we require your real name and a evidence of your identity. Donating your bounty to a charity doesn’t require your identity.

Please allow us to understand in case you do no longer want your name/nick displayed on the leader board.

What are the points inside the leaderboard?

Every found vulnerability / issue is assigned a rating. Bounty hunters are ranked on our leaderboard with the aid of total points.

I have similarly questions.

Email us at bounty@ethereum.org.

Do you have got a PGP key?

Please use AE96 ED96 9E47 9B00 84F3E17F E88D 3334 FA5F 6A0A

—–BEGIN PGP PUBLIC KEY BLOCK—–

Version: GnuPG v1mQINBFgl3tgBEAC8A1tUBkD9YV+eLrOmtgy+/JS/H9RoZvkg3K1WZ8IYfj6iIRaY

neAk3Bp182GUPVz/zhKr2g0tMXIScDR3EnaDsY+Qg+JqQl8NOG+Cikr1nnkG2on9

L8c8yiqry1ZTCmYMqCa2acTFqnyuXJ482aZNtB4QG2BpzfhW4k8YThpegk/EoRUi

m+y7buJDtoNf7YILlhDQXN8qlHB02DWOVUihph9tUIFsPK6BvTr9SIr/eG6j6k0b

fUo9pexOn7LS4SojoJmsm/5dp6AoKlac48cZU5zwR9AYcq/nvkrfmf2WkObg/xRd

EvKZzn05jRopmAIwmoC3CiLmqCHPmT5a29vEob/yPFE335k+ujjZCPOu7OwjzDk7

M0zMSfnNfDq8bXh16nn+ueBxJ0NzgD1oC6c2PhM+XRQCXChoyI8vbfp4dGvCvYqv

QAE1bWjqnumZ/7vUPgZN6gDfiAzG2mUxC2SeFBhacgzDvtQls+uuvm+FnQOUgg2H

h8x2zgoZ7kqV29wjaUPFREuew7e+Th5BxielnzOfVycVXeSuvvIn6cd3g/s8mX1c

2kLSXJR7+KdWDrIrR5Az0kwAqFZt6B6QTlDrPswu3mxsm5TzMbny0PsbL/HBM+GZ

EZCjMXxB8bqV2eSaktjnSlUNX1VXxyOxXA+ZG2jwpr51egi57riVRXokrQARAQAB

tDlFdGhlcmV1bSBGb3VuZGF0aW9uIFNlY3VyaXR5IFRlYW0gPHNlY3VyaXR5QGV0

aGVyZXVtLm9yZz6JAj4EEwECACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheA

BQJaCWH6BQkFo2BYAAoJEOiNMzT6X2oK+DEP/3H6dxkm0hvHZKoHLVuuxcu3EHYo

k5sd3MMWPrZSN8qzZnY7ayEDMxnarWOizc+2jfOxfJlzX/g8lR1/fsHdWPFPhPoV

Qk8ygrHn1H8U8+rpw/U03BqmqHpYCDzJ+CIis9UWROniqXw1nuqu/FtWOsdWxNKh

jUo6k/0EsaXsxRPzgJv7fEUcVcQ7as/C3x9sy3muc2gvgA4/BKoGPb1/U0GuA8lV

fDIDshAggmnSUAg+TuYSAAdoFQ1sKwFMPigcLJF2eyKuK3iUyixJrec/c4LSf3wA

cGghbeuqI8INP0Y2zvXDQN2cByxsFAuoZG+m0cyKGaDH2MVUvOKKYqn/03qvrf15

AWAsW0l0yQwOTCo3FbsNzemClm5Bj/xH0E4XuwXwChcMCMOWJrFoxyvCEI+keoQc

c08/a8/MtS7vBAABXwOziSmm6CNqmzpWrh/fDrjlJlba9U3MxzvqU3IFlTdMratv

6V+SgX+L25lCzW4NxxUavoB8fAlvo8lxpHKo24FP+RcLQ8XqkU3RiUsgRjQRFOqQ

TaJcsp8mimmiYyf24mNu6b48pi+a5c/eQR9w59emeEUZqsJU+nqv8BWIIp7o4Agh

NYnKjkhPlY5e1fLVfAHIADZFynWwRPkPMJSrBiP5EtcOFxQGHGjRxU/KjXkvE0hV

xYb1PB8pWMTu/beeiQI+BBMBAgAoBQJYJd7YAhsDBQkB4TOABgsJCAcDAgYVCAIJ

CgsEFgIDAQIeAQIXgAAKCRDojTM0+l9qCplDD/9IZ2i+m1cnqQKtiyHbyFGx32oL

fzqPylX2bOG5DPsSTorSUdJMGVfT04oVxXc4S/2DVnNvi7RAbSiLapCWSplgtBOj

j1xlblOoXxT3m7s1XHGCX5tENxI9fVSSPVKJn+fQaWpPB2MhBA+1lUI6GJ+11T7K

J8LrP/fiw1/nOb7rW61HW44Gtyox23sA/d1+DsFVaF8hxJlNj5coPKr8xWzQ8pQl

juzdjHDukjevuw4rRmRq9vozvj9keEU9XJ5dldyEVXFmdDk7KT0p0Rla9nxYhzf/

r/Bv8Bzy0HCWRb2D31BjXXGG05oVnYmNGxGFxYja4MwgrMmne3ilEVjfUJsapsqi

w41BAyQgIdfREulYN7ahsF5PrjVAqBd9IGtE8ULelF2SQxEBQBngEkP0ahP6tRAL

i7/CBjPKOyKijtqVny7qrGOnU2ygcA88/WDibexDhrjz0Gx8WmErU7rIWZiZ5u4Y

vJYVRo0+6rBCXRPeSJfiP5h1p17Anr2l42boAYslfcrzquB8MHtrNcyn650OLtHG

nbxgIdniKrpuzGN6Opw+O2id2JhD1/1p4SOemwAmthplr1MIyOHNP3q93rEj2J7h

5zPS/AJuKkMDFUpslPNLQjCOwPXtdzL7/kUZGBSyez1T3TaW1uY6l9XaJJRaSn+v

1zPgfp4GJ3lPs4AlAbQ0RXRoZXJldW0gRm91bmRhdGlvbiBCdWcgQm91bnR5IDxi

b3VudHlAZXRoZXJldW0ub3JnPokCPgQTAQIAKAIbAwYLCQgHAwIGFQgCCQoLBBYC

AwECHgECF4AFAloJYfoFCQWjYFgACgkQ6I0zNPpfagoENg/+LnSaVeMxiGVtcjWl

b7Xd73yrEy4uxiESS1AalW9mMf7oZzfI05f7QIQlaLAkNac74vZDJbPKjtb7tpMO

RFhRZMCveq6CPKU6pd1SI8IUVUKwpEe6AJP3lHdVP57dquieFE2HlYKm6uHbCGWU

0cjyTA+uu2KbgCHGmofsPY/xOcZLGEHTHqa5w60JJAQm+BSDKnw8wTyrxGvA3EK/

ePSvOZMYa+iw6vYuZeBIMbdiXR/A2keBi3GuvqB8tDMj7P22TrH5mVDm3zNqGYD6

amDPeiWp4cztY3aZyLcgYotqXPpDceZzDn+HopBPzAb/llCdE7bVswKRhphVMw4b

bhL0R/TQY7Sf6TK2LKSBrjv0DWOSijikE71SJcBnJvHU7EpKrQQ0lMGclm3ynyji

Nf0YTPXQt4I+fwTmOew2GFeK3UytNWbWI7oXX7Nm4bj9bhf3IJ0kmZb/Gs73+xII

e7Rz52Mby436tWyQIQiF9ITYNGvNf53TwBBZMn0pKPiTyr3Ur7FHEotkEOFNh1//

4zQY10XxuBdLrYGyZ4V8xHJM+oKre8Eg2R9qHXVbjvErHE+7CvgnV7YUip0criPr

BlKRvuoJaSliH2JFhSjWVrkPmFGrWN0BAx10yIqMnEplfKeHf4P9Elek3oInS8WP

G1zJG6s/t5+hQK0X37+TB+6rd3GJAj4EEwECACgFAlgl4TsCGwMFCQHhM4AGCwkI

BwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOiNMzT6X2oKzf8P/iIKd77WHTbp4pMN

8h52HyZJtDJmjA1DPZrbGl1TesW/Z9uTd12txlgqZnbG2GfN9+LSP6EOPzR6v2xC

OVhR+RdWhZDJJuQCVS7lJIqQrZgmeTZG0TyQPZdLjVFBOrrhVwYX+HXbu429IzHr

URf5InyR1QgqOXyElDYS6e28HFqvaoA0DWTWDDqOLPVl+U5fuceIE2XXdv3AGLeP

Yf8J5MPobjPiZtBqI6S6iENY2Yn35qLX+axeC/iYSCHVtFuCCIdb/QYR1ZZV8Ps/

aI9DwC7LU+YfPw7iqCIoqxSeA3o1PORkdSigEg3jtfRv5UqVo9a0oBb9jdoADsat

F/gW0E7mto3XGOiaR0eB9SSdsM3x7Bz4A0HIGNaxpZo1RWqlO91leP4c13Px7ISv

5OGXfLg+M8qb+qxbGd1HpitGi9s1y1aVfEj1kOtZ0tN8eu+Upg5WKwPNBDX3ar7J

9NCULgVSL+E79FG+zXw62gxiQrLfKzm4wU/9L5wVkwQnm29hLJ0tokrSBZFnc/1l

7OC+GM63tYicKkY4rqmoWUeYx7IwFH9mtDtvR1RxO85RbQhZizwpZpdpRkH0DqZu

ZJRmRa5r7rPqmfa7d+VIFhz2Xs8pJMLVqxTsLKcLglmjw7aOrYG0SWeH7YraXWGD

N3SlvSBiVwcK7QUKzLLvpadLwxfsuQINBFgl3tgBEACbgq6HTN5gEBi0lkD/MafI

nmNi+59U5gRGYqk46WlfRjhHudXjDpgD0lolGb4hYontkMaKRlCg2Rvgjvk3Zve0

PKWjKw7gr8YBa9fMFY8BhAXI32OdyI9rFhxEZFfWAfwKVmT19BdeAQRFvcfd+8w8

f1XVc+zddULMJFBTr+xKDlIRWwTkdLPQeWbjo0eHl/g4tuLiLrTxVbnj26bf+2+1

DbM/w5VavzPrkviHqvKe/QP/gay4QDViWvFgLb90idfAHIdsPgflp0VDS5rVHFL6

D73rSRdIRo3I8c8mYoNjSR4XDuvgOkAKW9LR3pvouFHHjp6Fr0GesRbrbb2EG66i

PsR99MQ7FqIL9VMHPm2mtR+XvbnKkH2rYyEqaMbSdk29jGapkAWle4sIhSKk749A

4tGkHl08KZ2N9o6GrfUehP/V2eJLaph2DioFL1HxRryrKy80QQKLMJRekxigq8gr

eW8xB4zuf9Mkuou+RHNmo8PebHjFstLigiD6/zP2e+4tUmrT0/JTGOShoGMl8Rt0

VRxdPImKun+4LOXbfOxArOSkY6i35+gsgkkSy1gTJE0BY3S9auT6+YrglY/TWPQ9

IJxWVOKlT+3WIp5wJu2bBKQ420VLqDYzkoWytel/bM1ACUtipMiIVeUs2uFiRjpz

A1Wy0QHKPTdSuGlJPRrfcQARAQABiQIlBBgBAgAPAhsMBQJaCWIIBQkFo2BYAAoJ

EOiNMzT6X2oKgSwQAKKs7BGF8TyZeIEO2EUK7R2bdQDCdSGZY06tqLFg3IHMGxDM

b/7FVoa2AEsFgv6xpoebxBB5zkhUk7lslgxvKiSLYjxfNjTBltfiFJ+eQnf+OTs8

KeR51lLa66rvIH2qUzkNDCCTF45H4wIDpV05AXhBjKYkrDCrtey1rQyFp5fxI+0I

Q1UKKXvzZK4GdxhxDbOUSd38MYy93nqcmclGSGK/gF8XiyuVjeifDCM6+T1NQTX0

K9lneidcqtBDvlggJTLJtQPO33o5EHzXSiud+dKth1uUhZOFEaYRZoye1YE3yB0T

NOOE8fXlvu8iuIAMBSDL9ep6sEIaXYwoD60I2gHdWD0lkP0DOjGQpi4ouXM3Edsd

5MTi0MDRNTij431kn8T/D0LCgmoUmYYMBgbwFhXr67axPZlKjrqR0z3F/Elv0ZPP

cVg1tNznsALYQ9Ovl6b5M3cJ5GapbbvNWC7yEE1qScl9HiMxjt/H6aPastH63/7w

cN0TslW+zRBy05VNJvpWGStQXcngsSUeJtI1Gd992YNjUJq4/Lih6Z1TlwcFVap+

cTcDptoUvXYGg/9mRNNPZwErSfIJ0Ibnx9wPVuRN6NiCLOt2mtKp2F1pM6AOQPpZ

85vEh6I8i6OaO0w/Z0UHBwvpY6jDUliaROsWUQsqz78Z34CVj4cy6vPW2EF4

=r6KK

—–END PGP PUBLIC KEY BLOCK—–

Leave a Reply

Your email address will not be published.