Contribute to RootstockLabs platforms security
RootstockLabs has created the bug bounty program to reward researchers that submit valid vulnerabilities to improve the RootstockLabs platforms security.
Service Level Agreement (SLA)
RootstockLabs aims to meet the following SLAs for hackers participating in our program:
- Time to first response (from report submit) - 5 business days
- Time to triage (from report submit) - 7 business days
- Time to bounty (from triage) - 15 business days
We aim to keep you informed about the progress throughout the process.
Disclosure Policy
- Follow HackerOne's disclosure guidelines.
- Public disclosure of a vulnerability makes it ineligible for a bounty. If the user reports the vulnerability to other security teams (e.g. Ethereum or ETC) but reports to RootstockLabs with considerable delay, then RootstockLabs may reduce or cancel the bounty.
Scope and Rules
Visit the Scope Section on Hackerone to view the scope / out of scope vulnerability, and the program rules.