Skip to main content

Security Overview

The Security Policy on DEP includes a vulnerability disclosure policy and guidelines for reporting vulnerabilities in the DEP ecosystem. It explains the process for reporting and disclosing vulnerabilities through the use of the DEP Security and how the DEP team handles and resolves reported vulnerabilities. The contents of the policy help avoiding privacy violations and keeping information confidential. Also included are commitments from the DEP team, such as not pursuing legal action and working with researchers to disclose issues in a timely manner. The disclosure process includes steps for verifying and confirming reported vulnerabilities, determining their potential impact on the DEP platform, and patching and disclosing the vulnerability to the public. The payment process for reported vulnerabilities is also outlined and instructions for contacting the DEP Security Team are provided. For more information, visit the Security Policy documentation sites:

  • DEP Security Policy
  • Ethermint Security Policypolicy

Additionally, DEP has a Simple Arrangement for Funding Upload (SAFU). The SAFU is a simple yet extensible way to specify a post-exploit policy for whitehats, particularly rewards and distributions. For more information, visit the SAFU section.