top of page

Report a Security Issue

At Web3 Foundation (W3F) we encourage responsible security investigation and reporting.

How to report

To report a security issue send an email to
Consider encrypting your message using the PGP key embedded below.

PGP Public Key

To facilitate reproduction of reported issues, we encourage you to include the following information if possible:

  • Description of the issue

  • Description of the issue’s potential security impact

  • The affected resource. e.g. URL, GitHub code snippet, transaction

  • Ideally a proof-of-concept that demonstrates the issue

What to report

Contact us if you have discovered security issues in any of the following:

- Services, web-based and otherwise, deployed        by W3F

- Decentralized applications, such as Kusama          and Polkadot, deployed by W3F

- W3F network and infrastructure

Our process

Upon receiving your report, W3F will assess the issue and reach out to ask for additional information and/or provide assessment. Any reported security issues may be eligible for rewards depending on W3F’s determination of their novelty and the severity of their potential impact.

  • LinkedIn
  • Twitter
  • YouTube
  • PngItem_1280311

© 2021 Boson labs, All Rights Reserved

bottom of page