|
| 1 | +# Security |
| 2 | + |
| 3 | +## Bug bounty program |
| 4 | + |
| 5 | +In line with our strategy of being the safest way for users to access crypto: |
| 6 | + |
| 7 | ++ Coinbase will be extending our [best-in-industry][1] million-dollar [HackerOne bug bounty program][2] |
| 8 | +to cover the Base network, the Base bridge contracts, and Base infrastructure. |
| 9 | + |
| 10 | ++ Coinbase will be working in tandem with OP Labs to harden the security |
| 11 | +guarantees of Bedrock and accelerate the timeline for decentralized |
| 12 | +fault-proofs on the [OP Stack][3]. |
| 13 | + |
| 14 | ++ Coinbase's bug bounty program will run alongside Optimism's existing [Immunefi Bedrock bounty program][4] |
| 15 | +to support the open source [Bedrock][5] OP Stack framework. |
| 16 | + |
| 17 | +## Reporting vulnerabilities |
| 18 | + |
| 19 | +All potential vulnerability reports can be submitted via the [HackerOne][6] |
| 20 | +platform. |
| 21 | + |
| 22 | +The HackerOne platform allows us to have a centralized and single reporting |
| 23 | +source for us to deliver optimized SLA's and results. All reports submitted to |
| 24 | +the platform are triaged around the clock by our team of Coinbase engineers |
| 25 | +with domain knowledge, assuring the best quality of review. |
| 26 | + |
| 27 | +For more information on reporting vulnerabilities and our HackerOne bug bounty |
| 28 | +program, view our [security program policies][7]. |
| 29 | + |
| 30 | +[1]: https://www.coinbase.com/blog/celebrating-10-years-of-our-bug-bounty-program |
| 31 | +[2]: https://hackerone.com/coinbase?type=team |
| 32 | +[3]: https://stack.optimism.io/ |
| 33 | +[4]: https://immunefi.com/bounty/optimism/ |
| 34 | +[5]: https://stack.optimism.io/docs/releases/bedrock/ |
| 35 | +[6]: https://hackerone.com/coinbase |
| 36 | +[7]: https://hackerone.com/coinbase?view_policy=true |
| 37 | + |
| 38 | + |
0 commit comments