
Add Security.md Security Policy for Reporting Vulnerabilities Appropriately

Open rakataprime opened this issue 3 years ago • 1 comment

It is important to create a policy for reporting security vulnerabilities for smart contract and blockchain projects outside of GitHub issues. This can often be a security.md or SECURITY.md file that is referenced in the readme.md.

Example: see https://github.com/CosmosContracts/juno/blob/main/SECURITY.md as an example from the cosmos ecosystem.

Full Disclosure: I am a part of SecurityDAO https://secdao.xyz/ and our DAO does security audits and security consulting for Cosmos projects and CosmWasm smart contracts.

┆Issue is synchronized with this Jira Task by Unito

rakataprime, Mar 28 '22 19:03

Hey @aelesbao, is this issue still open? I know some devs who'd be interested in working on this. If you have a budget for it, I can put this issue up on OpenQ, and find someone interested.

Thanks!

ef3n9r98, Dec 02 '22 18:12