There are two ways to disclose security vulnerabilities to the Gitshock team:

1. Submit a report to our bug bounty program.

2. Send email to dev-cosmware@gitshock.com describing the vulnerability.

Even if your security vulnerability is not eligible for a bounty from the bug bounty program (option 1) the Gitshock team might decide to award a bounty for a security vulnerability submitted by email (option 2).

Vulnerability Criteria

After mainnet, we will evaluate any bug reports especially on the public blockchain config, private blockchain builder, interoperable smart-contracts for bridging, swap and smart-contract builder, multi-chain wallet, website front-ends and backends.