Filecoin’s mission is to create a decentralized storage network that empowers users to store and manage data securely and efficiently. The security and integrity of our platform are paramount to achieving this goal. If you encounter any issues or vulnerabilities on Filecoin, our dedicated security team is prepared to respond swiftly and address them.

To facilitate this process, we have established clear guidelines for reporting vulnerabilities. Your input is crucial in ensuring the security of Filecoin, and we appreciate your efforts in helping us achieve our mission.

If you believe you’ve discovered a vulnerability in Filecoin. You can report it via our revised bug bounty program on Immunefi here. Make sure to read through the program policy before submitting the report.

Apart from monetary rewards, we do maintain a Hall of Fame to recognize the contributions of security researchers who have helped improve the security of Filecoin. Additionally, we have a Leaderboard that ranks researchers based on the impact and payout of their submissions. These initiatives serve to highlight the important work of security researchers and encourage ongoing collaboration. You can find the page here.

If you wish to publish your bug findings, please refer to our disclosure policy for guidelines and procedures.

If you’ve any general security concerns or questions about bug bounty program, don’t hesitate to reach out via security@filecoin.org.

Please note that vulnerabilities reported via security@filecoin.org will no longer be eligible for monetary rewards. We encourage you to use the Immunefi platform for all future submissions to qualify for rewards.