Skip to content

Security: smartcontractkit/ccip

Security

SECURITY.md

Reporting a Vulnerability

This repository is covered by Chainlink's bug bounty programs.

If you have found an issue or bug that potentially affects the overall security of the project then please privately report the issue as a vulnerability on one of the two bug bounty programs below.

Please do not open a public GitHub issue sharing the details of a security related bug. Valid security findings may be eligible for payout. The programs have detailed scopes, so please ensure your bug is within them before submitting.

Please note that both our programs require completing KYC before a bounty can be paid out.

HackerOne

https://hackerone.com/chainlink

Immunefi

https://immunefi.com/bounty/chainlink/

There aren’t any published security advisories