That is understood, and is always why we engaged with some of the top researchers who contribute to our bug bounty program, from the start with this project.
For example offering increased bounties during certain windows, or providing early access to the source code.
We highly value our bug bounty program, and find it to be a very effective mechanism for continuous security validation.
I'll write a tech blog post in the near future about how we facilitate our program.
