From 1e56e2a50738cc4fec6e27a40b68e69d422dffdb Mon Sep 17 00:00:00 2001
From: mymphe <39704351+mymphe@users.noreply.github.com>
Date: Mon, 12 Aug 2024 18:07:58 +0500
Subject: [PATCH] Create SECURITY.md

---
 SECURITY.md | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..d8588b62e
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,24 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+The Lido team appreciates your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions.
+
+To report a security issue, please use the [Lido Bug Bounty program on Immunefi](https://immunefi.com/bounty/lido).
+
+The Immunefi platform allows the Lido team to better track and respond to vulnerabilities, while also providing an opportunity for researchers to be rewarded for their findings.
+
+Please DO NOT file a public issue on GitHub or disclose the vulnerability publicly in any way before it has been addressed by the Lido core contributors.
+
+## Scope
+
+For details on what is considered in scope for the bug bounty program, please refer to the Lido Bug Bounty page on Immunefi.
+
+## Process
+
+1. Submit your report through the Immunefi platform.
+2. The Lido team will assess the report and may ask for additional information or clarification.
+3. Once validated, the team will work on a fix and coordinate the release process.
+4. After the fix has been deployed, the team will publish a security advisory and acknowledge your contribution (if you wish to be credited).
+
+Thank you for helping keep Lido and its users safe!