Responsible Disclosure and Bug Bounties

GetScatter / ScatterWebExtension

Extension that allows you to sign transactions with your private keys securely from within the browser without ever exposing them.

MIT License

366 stars 127 forks source link

Responsible Disclosure and Bug Bounties #90

Closed jamespic closed 6 years ago

jamespic commented 6 years ago

I am investigating the security of Scatter. I could not see any info on the home page for the correct procedure for reporting security vulnerabilities. Could you clarify:

What is the correct way to responsibly disclose potential security issues?
Are there any bounties available for disclosing security issues?

nsjames commented 6 years ago

Hey man, thanks for the suggestion. I went ahead and added a section about this on the readme. <3

https://github.com/EOSEssentials/Scatter#responsible-disclosure-and-bug-bounties