The following document describes various aspects of the Firedancer security program.
Security-relevant bugs in Firedancer v0.1 should be submitted to our Immunefi bug bounty program. Under the terms and conditions of the program, you may be eligible for a reward.
Code outside the scope of the bug bounty program is still in development. It is yet to go through more rigorous security testing and auditing. If you find a bug outside the bug bounty program's scope, submit it as a GitHub issue.
The Firedancer project engages third party firms to conduct independent security audits of Firedancer.
As these third-party audits are completed and issues are sufficiently addressed, we make those audit reports public.
Leading up to the mainnet launch of Firedancer v0.1, an audit contest on Immunefi was held from 10 July 2024 to 21 August 2024.