Bug Bounty

Bounty Program

We encourage the community to audit our open source code; we also encourage the responsible disclosure of any issues. The bug bounty program is intended to recognize the value of working with the community of independent security researchers and sets out our definition of good faith in the context of finding and reporting vulnerabilities, as well as what you can expect from us in return.

Submissions

Please email your submissions to bugs@flit.io

The submission must include clear and concise steps to reproduce the discovered vulnerability. The following layout of the bug bounty report is encouraged:

• Description: Describe at a high level the bug with links to problematic code

• Attack: Detailed instructions for exploiting the bug

• Mitigation: How to resolve the bug

• Suggested risk rating: The recommended severity of this bug