Improve your secure email service by joining our back-end code audit

To ensure the security of ProtonMail’s secure email service, we are looking for more back-end security auditors.

At ProtonMail, our internal security team has always worked closely with our user community to ensure the security of our secure email service. ProtonMail’s strong security is partially due to the dozens of security contributors who have audited our security either through penetration tests, or review of our open source code. Less well known is the fact that we also routinely provide access to our back-end code and API specifications to security auditors from around the world who request access.


ProtonMail Backend Code Release

While we have been providing access to backend code for years, today we would like to make this officially part of ProtonMail’s security contributor programme. If you are a security expert, you can request Github access to ProtonMail’s backend code and API specs by emailing We welcome all efforts to make ProtonMail as secure as possible and we hope that this will encourage more security experts to participate as ProtonMail security contributors. If you find a flaw, it is also possible to get a reward through our bug bounty program.


Help Develop the Encrypted Email Service of the Future!

In addition to getting access to our code to search for security leaks or flaws, it is also possible to join the project and actively contribute code. Like any open source project, we have always welcomed pull requests from people outside of our team and will merge them after appropriate code review. Even though it is not widely publicized, over the past two years, over a dozen different people have joined our Organization on Github and participated in writing code for ProtonMail.

We always welcome interested developers who wish to contribute code to ProtonMail or OpenPGPjs. In addition to the visibility of participating in a high profile project, you will also get to work on the cutting edge of security, cryptography, and optimizing user experience with the latest technologies. You will also have the opportunity to interact with the rest of our community and help us build the most highly requested features. If you are interested in building the future of secure email, you can write to get in touch with our team and develop with us on Github.

Best Regards,
The ProtonMail Team

About the Author


We are scientists, engineers, and developers drawn together by a shared vision of protecting civil liberties online. Ensuring online privacy and security are core values for the ProtonMail team, and we strive daily to protect your rights online.

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

3 comments on “Improve your secure email service by joining our back-end code audit

  • Hi will all the source code (Server- & Clientside) eventually become fully FOSS once the audit is done and presumed without critical bugs?

    Or will it stay closed without ever being released to the generic public?

      • dont need fancy spam filtering. add a feature that allows users to send a “bounce” message back to spammers. A “bounce” message is the server side message back to a sender that the target emaill address account /does not exist/. Spammers listen for that “bounce” and remove the target email addr from thier databse.