Security is a priority for TibetSwap. There is an ongoing bug bounty program that covers all issues that could endanger funds in the protocol. Payouts are decided on a case-by-case basis, and the funds for the program are held at xch1yej80zwys9m2kkpch0ywltflxtdyprm2qfd0adwm8ur6qhhnex3qj0sknl (TibetSwap.xch).
Reading chialisp is not easy, and TibetSwap is powered by multiple puzzles that interact in complex ways. With that in mind, you can use the following resources to get a basic understanding of what's going on, which you can then use to hunt for bugs.
XCH London Presentation | Mirror
XCH London Technical Follow-Up: The Magic Behind TibetSwap
Detailed Transaction Structure
If you found a bug pr have any questions, please do not hesitate to contact us. Specifically, you can reach yakuhito via the following channels:
Twitter DM: yakuh1t0
Discord: yakuhito (tag: the result of 18 * 100 + 38)
Keybase: yakuhito_chia
Email: y [at] kuhi.to
Thank you for keeping TibetSwap secure.