If you believe you have found a security vulnerability affecting the Celo protocol, network or infrastructure - please consider reporting it responsibly using our Bug Bounty program on r.xyz.
Alternatively, you can reach out directly to us:
Send an email to [email protected]
Optional - encrypt the email message to protect the information you share - GPG key - Fingerprint: C57F A8A6 83C8 8571 B5AA B298 D217 4A7C D2BB 4846
Help the Security team understand the vulnerability by providing the following info in your report:
Affected Resource: repository, url, smart contract etc.
Description and Impact: describe the vulnerability in detail and explain the impact.
Steps to reproduce: provide a step-by-step description of how you discovered the vulnerability, including any tools or techniques you used.