Security Policy

We take security seriously. This page outlines our security policy and how to report vulnerabilities.

Reporting Security Vulnerabilities

If you discover a security vulnerability in our system, please report it responsibly. We appreciate your help in keeping our users safe.

⚠️ Important

Please do not publicly disclose vulnerabilities until we have had a chance to address them. This helps protect our users and allows us to fix issues properly.

📧 Email Report

Send detailed information about the vulnerability to:

[email protected]

🔗 On-Chain Info

Security information is embedded in our Solana program:

View on Solana Explorer

What to Include in Your Report

  • Description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact and severity
  • Any proof-of-concept code (if applicable)
  • Your contact information (optional, for follow-up)

Response Timeline

  • 24 hours: Initial acknowledgment of your report
  • 72 hours: Initial assessment and severity classification
  • 1 week: Detailed analysis and fix timeline
  • Ongoing: Regular updates on fix progress

Scope

This security policy covers:

  • Burn & Claim web application
  • Solana program (abrn446KXzKZxSowJdHN9XumbGfQi4DdAfWHBT7X81r)
  • API endpoints and services
  • Smart contract interactions
  • User data handling and privacy

Recognition

We appreciate security researchers who help us improve our security posture. While we don't currently offer monetary rewards, we will:

  • Acknowledge your contribution (if desired)
  • Provide detailed feedback on your report
  • Keep you updated on fix progress
  • Consider you for future security initiatives

Thank You

Thank you for helping keep our users safe. Your responsible disclosure helps us maintain the highest security standards for Burn & Claim.