As brought up in the telegram chat by Palkeo and Bernhard Mueller, it would be awesome to have a public page the lists vulnerable contracts found via Palkeo’s tool, and also have a way to contact a contract’s creator to notify them of vulnerabilities. This would have an added benefit of a public repository of vulnerable contracts where devs and auditors could sharpen their security eye.
I’ve had this problem too! We have a big queue of bugs we’d like to report and no easy way to do so. I started keeping track of the security contacts for various blockchain companies in this git repo: