Program overview
- Policy: Responsible Vulnerability Disclosure Policy — scope, testing rules, and legal notice
- Rewards: Reward tables — CVSS v4.0–based ranges and payout conditions
- Report: Submit a report — format, reproduction steps, and PoC requirements
- Hall of Fame: Acknowledgments to researchers who help improve our security
MPC library (bron-crypto)
The open source bron-crypto MPC library is in scope. See github.com/bronlabs/bron-crypto and its SECURITY.md for scope and reporting details.Contact
Submit reports to [email protected].SLA: Acknowledgment within 3 business days; initial triage within 10 business days.
Bug Bounty Program
More about our Bug Bounty program — policy, rewards, reporting, and Hall of Fame — on the Bug Bounty site.