At the XYO Network, we treat security as a priority. We understand that no code is completely secure and welcome reports of vulnerabilities in our assets. If you believe you have found a security vulnerability in our systems, please follow the policy outlined below. For each report submitted to the XYO Network bounty program, we will provide an initial response within two (2) business days. If the report is deemed valid, we will make a bounty decision and payment within seven (7) business days. Please contact firstname.lastname@example.org with any details regarding a vulnerability.
Bounties are entirely at the discretion of the XYO Network. For qualifying vulnerabilities, the following outlines standard bounty amounts:
Let us know as soon as possible upon discovery of a potential security issue, and we'll make every effort to quickly resolve the issue. Although we welcome disclosure, provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party. Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder