Our bug bounty is now listed on Immunefi. Start taking a look and wait for the launch to report vulnerabilities!
Do not disclose vulnerabilities publicly or by executing them against a production network. If you do, not only will you be putting users at risk, but you will also forfeit your right to a reward.
Do not disclose the vulnerability publicly, for example by filing a public ticket or Github issue.
Do not test the vulnerability on a publicly available network, either the testnet or the mainnet.
