From 0413d58860e0253f30cd6d18c6caaf20ebb4de33 Mon Sep 17 00:00:00 2001 From: Hadrien Croubois Date: Mon, 22 Nov 2021 15:02:44 +0100 Subject: [PATCH] add bug bounty info (cherry picked from commit 86bd4d73896afcb35a205456e361436701823c7a) --- README.md | 2 +- docs/modules/ROOT/pages/index.adoc | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index c191278f9f4..0431e656da1 100644 --- a/README.md +++ b/README.md @@ -66,7 +66,7 @@ The core development principles and strategies that OpenZeppelin Contracts is ba The latest audit was done on October 2018 on version 2.0.0. -Please report any security issues you find to security@openzeppelin.org. +Please report any security issues you find via our [bug bounty program on Immunefi](https://www.immunefi.com/bounty/openzeppelin) or directly to security@openzeppelin.org. Critical bug fixes will be backported to past major releases. diff --git a/docs/modules/ROOT/pages/index.adoc b/docs/modules/ROOT/pages/index.adoc index 3123a65ca36..242a607d227 100644 --- a/docs/modules/ROOT/pages/index.adoc +++ b/docs/modules/ROOT/pages/index.adoc @@ -40,6 +40,11 @@ TIP: If you're new to smart contract development, head to xref:learn::developing To keep your system secure, you should **always** use the installed code as-is, and neither copy-paste it from online sources, nor modify it yourself. The library is designed so that only the contracts and functions you use are deployed, so you don't need to worry about it needlessly increasing gas costs. +[[security]] +== Security + +Please report any security issues you find via our https://www.immunefi.com/bounty/openzeppelin[bug bounty program on Immunefi] or directly to security@openzeppelin.org. + [[next-steps]] == Learn More