Skip to content

Fix #59: Does gravity.xyz / galxe.com have bug bounty program? #60

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Stackwyre wants to merge 1 commit into
base: main
Choose a base branch
from
+63 −0
Open

Fix #59: Does gravity.xyz / galxe.com have bug bounty program? #60

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
63 changes: 63 additions & 0 deletions about/community-programs/bug-bounty.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
---
title: "Bug Bounty Program"
description: "Information about Galxe's bug bounty program and security vulnerability reporting"
---

# Bug Bounty Program

Galxe takes security seriously and values the contributions of security researchers and the broader community in helping us maintain the security of our platform.

## Security Vulnerability Reporting

If you discover a security vulnerability in any of our systems, please report it responsibly through our official channels.

### How to Report

For security-related issues, please contact our security team at:
- **Email**: security@galxe.com
- **Subject Line**: [Security] Bug Report - [Brief Description]

### What to Include

When reporting a security vulnerability, please provide:
- Detailed description of the vulnerability
- Steps to reproduce the issue
- Potential impact assessment
- Any proof-of-concept code or screenshots
- Your contact information for follow-up

### Response Process

1. **Acknowledgment**: We will acknowledge receipt of your report within 48 hours
2. **Investigation**: Our security team will investigate and validate the report
3. **Resolution**: We will work to resolve confirmed vulnerabilities promptly
4. **Recognition**: Valid reports may be eligible for recognition in our security acknowledgments

## Scope

Our bug bounty program covers:
- galxe.com and its subdomains
- gravity.xyz and its subdomains
- Mobile applications
- API endpoints
- Smart contracts

## Guidelines

- Test only on your own accounts or with explicit permission
- Do not access or modify data belonging to other users
- Do not perform attacks that could harm our users or services
- Do not publicly disclose vulnerabilities before they are resolved
- Follow responsible disclosure practices

## Out of Scope

- Social engineering attacks
- Physical attacks
- Denial of service attacks
- Spam or content injection issues
- Issues requiring physical access to user devices

For general support or non-security related issues, please use our regular support channels or community forums.

Thank you for helping us keep Galxe secure!