waku-org / docs.waku.org

Waku Documentation Portal
https://docs.waku.org

define security policy #59

Closed LordGhostX closed 1 year ago

LordGhostX commented 1 year ago

We need to define a security policy outlining the steps users should follow to ensure the safe reporting of security issues in the Waku Network.

Reference: https://github.com/xmtp/.github/blob/main/SECURITY.md

cc: @fryorcraken

fryorcraken commented 1 year ago

@emilio-revelo Can you please assist with that? Should we just point to our hacker bounty portal?

j-vlz commented 1 year ago

Thanks for reaching out @fryorcraken, and indeed we can put something like this:

With the aim of improving the security of Waku, we encourage researchers to help us identify and resolve potential vulnerabilities. To do so, please submit your reports at: https://hackenproof.com/status-dot-im/waku.

Please read the Waku Security Bug Bounty Program to get more details about the assets in scope, the program rules and the severity classifications, before submitting a report.

fryorcraken commented 1 year ago

@LordGhostX is this done? Can't see it in https://dev.waku.guide/contribute

LordGhostX commented 1 year ago

I'm pushing a PR today that already addresses this issue + the other comments in the previous PR