Contribute to RootstockLabs platforms security

RootstockLabs has created the bug bounty program to reward researchers that submit valid vulnerabilities to improve the RootstockLabs platforms security.

Service Level Agreement (SLA)

RootstockLabs aims to meet the following SLAs for hackers participating in our program:

  • Time to first response (from report submit) - 5 business days
  • Time to triage (from report submit) - 7 business days
  • Time to bounty (from triage) - 15 business days

We aim to keep you informed about the progress throughout the process.

Disclosure Policy

  • Follow HackerOne's disclosure guidelines.
  • Public disclosure of a vulnerability makes it ineligible for a bounty. If the user reports the vulnerability to other security teams (e.g. Ethereum or ETC) but reports to RootstockLabs with considerable delay, then RootstockLabs may reduce or cancel the bounty.

Scope and Rules

Visit the Scope Section on Hackerone to view the scope / out of scope vulnerability, and the program rules.

Receive updates

Get the latest updates from the Rootstock ecosystem