The Lido contributors appreciate your efforts to disclose your findings responsibly and will make every effort to acknowledge your contributions.
To report a security issue, please use the Lido Bug Bounty program on Immunefi. This platform enables efficient tracking and response to vulnerabilities while offering rewards for valid submissions.
Important
Please DO NOT file a public issue on GitHub or disclose the vulnerability publicly in any way before it has been addressed by the Lido core contributors.
Please refer to the Lido Bug Bounty page on Immunefi for details on what is considered within the bug bounty program's scope.
- Submit your report through the Immunefi platform.
- The Lido contributors will evaluate your report and may request additional information or clarification.
- Once validated, the team will work on a fix and coordinate the release process.
- After the fix is deployed, a security advisory will be published, and your contribution will be acknowledged (if you wish to be credited).
Thank you for helping keep Lido and its users safe!