Responsible Disclosure Program

We are committed to ensuring the security and integrity of our systems and value the contributions of security researchers in identifying vulnerabilities.

Program Overview

If you discover a security vulnerability in our systems, we encourage you to report it to us responsibly. We offer a reward of 1000 satoshis for valid and actionable bug reports submitted via email to info@rizful.com.

How to Report a Vulnerability

Please include the following details in your email:

• A detailed description of the vulnerability
• Steps to reproduce the issue
• Potential impact of the vulnerability
• Your contact information (optional, for follow-up)

Send your report to: info@rizful.com

Eligibility for Reward

To be eligible for the 1000 satoshis reward, the reported vulnerability must:

• Be a previously unreported issue
• Have a demonstrable impact on the security of our systems
• Be reported responsibly, without disclosing the issue publicly before we have had a chance to address it

Our Commitment

We will:

• Acknowledge receipt of your report within 48 hours
• Work with you to validate and address the vulnerability
• Provide the reward upon confirmation of a valid vulnerability

Legal Safe Harbor

We will not pursue legal action against researchers who report vulnerabilities in good faith and in accordance with this policy. Please refrain from actions that could harm our systems or users, such as denial-of-service attacks or unauthorized access beyond what is necessary to demonstrate the vulnerability.

Thank you for helping us keep our systems secure!