Skip to content

Commit 403edec

Browse files
isabelleweiisabellewei
committed
move contact info into highlight
1 parent eaa7858 commit 403edec

File tree

1 file changed

+10
-6
lines changed

1 file changed

+10
-6
lines changed

src/content/docs/en/technology/security/audits-and-bug-bounty.mdx

Lines changed: 10 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,10 @@ permalink: "technology/security/audits-and-bug-bounty"
88

99
import Aside from "../../../../../components/Aside.astro"
1010

11+
<Aside type="caution">
12+
For any discoveries of critical vulnerabilities outside of the scope of the bug bounty program, please also send reports to security@scroll.io.
13+
</Aside>
14+
1115
Scroll treats security as a top priority.
1216

1317
Aside from rigorous testing, an internal security team, and comprehensive code reviews, we have also engaged with multiple security audit firms to conduct audits on our codebase. We have also launched a bug bounty program to encourage the community to participate in the security of our protocol.
@@ -17,12 +21,6 @@ Aside from rigorous testing, an internal security team, and comprehensive code r
1721
exception. We encourage users to use the protocol with caution and at their own risk.
1822
</Aside>
1923

20-
### Scope
21-
22-
The scope of the bug bounty program covers the blockchain infrastructure and the smart contracts for bridging and rollup. For a detailed breakdown of bug categories, please refer to the bug bounty page.
23-
24-
Besides the listed scopes in the bug bounty program, we also encourage reporting any vulnerabilities identified to Immunefi, which we will still consider for rewards. For any discoveries of critical vulnerabilities outside of the scope of the bug bounty program, please also send reports to security@scroll.io.
25-
2624
## Independent Audits
2725

2826
Scroll has worked with several industry-leading security audit firms to review our codebase, with critical code receiving reviews from multiple teams, including [Trail of Bits](https://www.trailofbits.com/), [OpenZeppelin](https://www.openzeppelin.com/), [Zellic](https://www.zellic.io/), and [KALOS](https://www.kalos.xyz/).
@@ -79,3 +77,9 @@ Rewards depend on the severity of reported vulnerabilities:
7977
- **Critical**: up to \$1,000,000
8078
- **High**: \$10,000 - \$50,000
8179
- **Medium**: \$5,000
80+
81+
### Scope
82+
83+
The scope of the bug bounty program covers the blockchain infrastructure and the smart contracts for bridging and rollup. For a detailed breakdown of bug categories, please refer to the bug bounty page.
84+
85+
Besides the listed scopes in the bug bounty program, we also encourage reporting any vulnerabilities identified to Immunefi, which we will still consider for rewards.

0 commit comments

Comments
 (0)