top of page

Report a Security Issue

At Web3 Foundation (W3F) we encourage responsible security investigation and reporting.

How to report

To report a security issue send an email to security-report@web3.foundation.
Consider encrypting your message using the PGP key embedded below.

PGP Public Key

To facilitate reproduction of reported issues, we encourage you to include the following information if possible:

  • Description of the issue

  • Description of the issue’s potential security impact

  • The affected resource. e.g. URL, GitHub code snippet, transaction

  • Ideally a proof-of-concept that demonstrates the issue

What to report

Contact us if you have discovered security issues in any of the following:

- Services, web-based and otherwise, deployed        by W3F

- Decentralized applications, such as Kusama          and Polkadot, deployed by W3F

- W3F network and infrastructure

Our process

Upon receiving your report, W3F will assess the issue and reach out to ask for additional information and/or provide assessment. Any reported security issues may be eligible for rewards depending on W3F’s determination of their novelty and the severity of their potential impact.

  • LinkedIn
  • Twitter
  • YouTube
  • PngItem_1280311

Security Report

© 2021 Boson labs, All Rights Reserved

bottom of page