We at Decent encourage security researchers to contact us directly and privately to report any potential security vulnerabilities in either our smart contracts or front end code.
If the issue you are reporting is not a security vulnerability, simply open a new GitHub issue.
If you would like to disclose a vulnerability in Decent, please send a new email to security@decentdao.org.
Please include the following information in your email:
- The date / time you first identified the vulnerability.
- How you identified the vulnerability.
- Step by step instructions for performing the vulnerability.
- Any additional information about the vulnerability.
If you prefer secure communication, please use the following GPG key: