From 3f875631185b8127f9412efca9b49136fdaa17f6 Mon Sep 17 00:00:00 2001 From: Yuri Tkachenko Date: Tue, 20 Aug 2024 13:31:01 +0200 Subject: [PATCH] chore: apply suggestions from code review --- SECURITY.md | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index d8588b62e..449977738 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,23 +2,22 @@ ## Reporting a Vulnerability -The Lido team appreciates your efforts to responsibly disclose your findings and will make every effort to acknowledge your contributions. +The Lido contributors appreciate your efforts to disclose your findings responsibly and will make every effort to acknowledge your contributions. -To report a security issue, please use the [Lido Bug Bounty program on Immunefi](https://immunefi.com/bounty/lido). +To report a security issue, please use the [Lido Bug Bounty program on Immunefi](https://immunefi.com/bounty/lido). This platform enables efficient tracking and response to vulnerabilities while offering rewards for valid submissions. -The Immunefi platform allows the Lido team to better track and respond to vulnerabilities, while also providing an opportunity for researchers to be rewarded for their findings. - -Please DO NOT file a public issue on GitHub or disclose the vulnerability publicly in any way before it has been addressed by the Lido core contributors. +> [!IMPORTANT] +> Please DO NOT file a public issue on GitHub or disclose the vulnerability publicly in any way before it has been addressed by the Lido core contributors. ## Scope -For details on what is considered in scope for the bug bounty program, please refer to the Lido Bug Bounty page on Immunefi. +Please refer to the [Lido Bug Bounty page on Immunefi](https://immunefi.com/bounty/lido) for details on what is considered within the bug bounty program's scope. ## Process 1. Submit your report through the Immunefi platform. -2. The Lido team will assess the report and may ask for additional information or clarification. +2. The Lido contributors will evaluate your report and may request additional information or clarification. 3. Once validated, the team will work on a fix and coordinate the release process. -4. After the fix has been deployed, the team will publish a security advisory and acknowledge your contribution (if you wish to be credited). +4. After the fix is deployed, a security advisory will be published, and your contribution will be acknowledged (if you wish to be credited). Thank you for helping keep Lido and its users safe!