We take the security of our project very seriously. If you have discovered a security vulnerability within our project, we kindly ask you to follow the steps below to responsibly disclose it to our team:
-
Do not disclose the vulnerability publicly until it has been fixed. Public disclosure of a security issue can put the entire community at risk.
-
Email us directly at security@lisk.com with a detailed description of the issue. Please provide as much information as possible, including steps to reproduce the issue, potential impacts, and any suggestions you might have for resolving it.
-
Give us a reasonable amount of time to address the issue before you disclose it to others. We promise to investigate all legitimate reports and make every effort to quickly resolve any issues.
-
Do not exploit the vulnerability more than is necessary to prove its existence. Avoid accessing or modifying data that does not belong to you.
When a security issue is identified and resolved, we will update the project and release a new version as promptly as possible. We will also provide a detailed report of the vulnerability, how it was addressed, and the steps we're taking to prevent similar issues in the future.
If you have any questions about this policy or the security of this project, please email us at security@lisk.com.
Thank you for helping to keep our project and the broader community safe!