If you discover a vulnerability, please submit it to our bug bounty program here which also shows the eligible assets. We will quickly respond and verify the vulnerability.
Rewards are based on severity per CVSS (the Common Vulnerability Scoring Standard). Please note these are general guidelines, and reward decisions are up to the discretion of the Oasis Protocol Foundation.
We will do our best to meet the following response targets for hackers participating in our program:
We will keep you updated about the status during the process and may reach out for additional information.