Skip to content

Security: Consensys/linea-monorepo

Security

docs/security.md

Security Policy

We consider the security of our systems a top priority. But no matter how much effort we put into system security, there can still be vulnerabilities present.

Reporting Security Issues

DO NOT report security vulnerabilities through public GitHub issues. Instead, please use one of the following means of communications to report it to us:

  1. Report through our Linea Immunefi program or
  2. Email us at security-report@linea.build with details about the security issue.

Please provide the following details in your email:

  • Description of the vulnerability
  • Steps to reproduce the vulnerability
  • Versions affected
  • Any potential mitigations or workarounds you've identified

Responsible Disclosure Security Policy

A responsible disclosure policy helps protect users of the project from publicly disclosed security vulnerabilities without a fix by employing a process where vulnerabilities are first triaged in a private manner, and only publicly disclosed after a reasonable time period that allows patching the vulnerability and provides an upgrade path for users.

When contacting us directly via email, we will do our best efforts to respond in a reasonable time to resolve the issue. When contacting a security program their disclosure policy will provide details on time-frame, processes and paid bounties.

We kindly ask you to refrain from malicious acts that put our users, the project, or any of the project's team members at risk.

Risk Disclosures

Linea risk disclosures can be found at:

Scope

This security policy applies to the code, libraries, and configurations within this repository. This includes any code or components that are part of the repository or its dependencies.

Previous Audits

There aren’t any published security advisories