Add a security-related bug bounty program

okTurtles / group-income

A decentralized and private (end-to-end encrypted) financial safety net for you and your friends.

https://groupincome.org

GNU Affero General Public License v3.0

331 stars 44 forks source link

Add a security-related bug bounty program #840

Open taoeffect opened 4 years ago

taoeffect commented 4 years ago

Problem

Although we will do our best to ensure no such bugs ever exist, we cannot absolutely guarantee that no vulnerability ever makes its way into our code or the code of one of our dependencies.

Solution

After launch, start a bug bounty program that pays out for security-related vulnerabilities.

mmbotelho commented 4 years ago

I had never heard of bug bounty programs before, this is a very cool concept! 😄