We have a bunch of examples here:
If you are aware of a security bug (or have a proposal/implemention of a "zero day" attack), notifying us privately is in the interest of all users. We can then discuss it post-mortem. To reach us privately, please get our public keys here:
You can import our keys to GPG - and verify our Keybase.io admin status - with keybase track max
and keybase track chris
.
If the bug is kbpgp related, and has nothing to do with Keybase, you can post the issue here. If it has anything to do with Keybase -- the command line client, website, etc. -- please post it in our general keybase issues repo:
We appreciate comments, questions, feature requests, etc.