|
@@ -90,10 +90,10 @@ We currently do not use the Github workflow to publish security advisories. Once
|
|
|
|
|
|
|
|
<a name="bounty"></a>
|
|
<a name="bounty"></a>
|
|
|
## Security Bug Bounties
|
|
## Security Bug Bounties
|
|
|
-The Solana Foundation offer bounties for critical Solana security issues. Please
|
|
|
|
|
-see below for more details. Either a demonstration or a valid bug report is all
|
|
|
|
|
-that's necessary to submit a bug bounty. A patch to fix the issue isn't
|
|
|
|
|
-required.
|
|
|
|
|
|
|
+At its sole discretion, the Solana Foundation may offer a bounty for
|
|
|
|
|
+[valid reports](#reporting) of critical Solana vulnerabilities. Please see below
|
|
|
|
|
+for more details. The submitter is not required to provide a
|
|
|
|
|
+mitigation to qualify.
|
|
|
|
|
|
|
|
#### Loss of Funds:
|
|
#### Loss of Funds:
|
|
|
$2,000,000 USD in locked SOL tokens (locked for 12 months)
|
|
$2,000,000 USD in locked SOL tokens (locked for 12 months)
|
drebaglioni