Responsible disclosure policy
At ConsenSys, security is a priority. However, regardless of how much effort we put into system security, there may still be vulnerabilities.
If you discover a vulnerability, please do the following so we can address it as quickly as possible:
- E-mail your findings to firstname.lastname@example.org. Provide sufficient information to reproduce the problem, so we can resolve it as quickly as possible.
- Don’t take advantage of the vulnerability you’ve discovered.
- Practice responsible disclosure.
That is, don’t reveal the problem to others until one of the following happens:
- We release a fix for the disclosure.
- 90 days pass.
- We waive responsible disclosure.
We will acknowledge receipt of your vulnerability report the next business day and send you regular updates about our progress.
Thank you for helping us protect our clients and systems.