Kairos supports responsible disclosure and endeavors to resolve security issues in a reasonable timeframe.
However, as is a community driven project we don't run any bug bounty, but we will make sure credits goes to whom belongs and address the issues as fast as possible, if you can provide also patch and open up a PR that's more than welcome.
To report a security vulnerability, please email [email protected].