From 86bd4d73896afcb35a205456e361436701823c7a Mon Sep 17 00:00:00 2001 From: Hadrien Croubois Date: Mon, 22 Nov 2021 15:02:44 +0100 Subject: [PATCH] add bug bounty info --- README.md | 2 +- docs/modules/ROOT/pages/index.adoc | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index c191278f9..0431e656d 100644 --- a/README.md +++ b/README.md @@ -66,7 +66,7 @@ The core development principles and strategies that OpenZeppelin Contracts is ba The latest audit was done on October 2018 on version 2.0.0. -Please report any security issues you find to security@openzeppelin.org. +Please report any security issues you find via our [bug bounty program on Immunefi](https://www.immunefi.com/bounty/openzeppelin) or directly to security@openzeppelin.org. Critical bug fixes will be backported to past major releases. diff --git a/docs/modules/ROOT/pages/index.adoc b/docs/modules/ROOT/pages/index.adoc index 69c2eb730..5b64f0508 100644 --- a/docs/modules/ROOT/pages/index.adoc +++ b/docs/modules/ROOT/pages/index.adoc @@ -40,6 +40,11 @@ TIP: If you're new to smart contract development, head to xref:learn::developing To keep your system secure, you should **always** use the installed code as-is, and neither copy-paste it from online sources, nor modify it yourself. The library is designed so that only the contracts and functions you use are deployed, so you don't need to worry about it needlessly increasing gas costs. +[[security]] +== Security + +Please report any security issues you find via our https://www.immunefi.com/bounty/openzeppelin[bug bounty program on Immunefi] or directly to security@openzeppelin.org. + [[next-steps]] == Learn More