nimbus-eth2/docs/the_nimbus_book/src/security_issues.md

## Security related issues

**For any security related issues, follow responsible disclosure standards.
Do not file public issues.**

Please file a report at the [Ethereum bug bounty program](https://ethereum.org/en/bug-bounty/) in order to receive a reward for your findings.

When in doubt, please send an encrypted email to security@status.im and ask ([gpg key](https://github.com/status-im/status-security/blob/master/pgp-keys/security%40status.im.asc)).

Security related issues are (sufficient but not necessary criteria):

- Soundness of protocols (consensus model, p2p protocols): consensus liveness and integrity. 
- Errors and failures in the cryptographic primitives 
- RCE vulnerabilities
- Any issues causing consensus splits from the rest of the network
- Denial of service (DOS) vectors
- Broken Access Control 
- Memory Errors
- Security Misconfiguration
- Vulnerable Dependencies 
- Authentication Failures 
- Data Integrity Failures
- Logging and Monitoring Vulnerabilities
Security note (#3646) 2022-05-20 15:28:00 +00:00			`## Security related issues`

Doc fixes, part 2 (#4806) * part 2 of the initial doc fixes - spelling fixes - grammar fixes - em-dashes should be em-dashes (`—`): double dashes (`--`) are not rendered properly - reduce overusage of em-dashes, some of those should be separate sentences - use the correct syntax for notes, tips and warnings - every sentence is in a separate line (helps with future diffs) - add missing dots at the end of list items - fix some lists * sentences on separate lines in the remaining files 2023-04-11 15:42:35 +00:00			`**For any security related issues, follow responsible disclosure standards.`
			`Do not file public issues.**`
Security note (#3646) 2022-05-20 15:28:00 +00:00
Doc fixes, part 2 (#4806) * part 2 of the initial doc fixes - spelling fixes - grammar fixes - em-dashes should be em-dashes (`—`): double dashes (`--`) are not rendered properly - reduce overusage of em-dashes, some of those should be separate sentences - use the correct syntax for notes, tips and warnings - every sentence is in a separate line (helps with future diffs) - add missing dots at the end of list items - fix some lists * sentences on separate lines in the remaining files 2023-04-11 15:42:35 +00:00			`Please file a report at the [Ethereum bug bounty program](https://ethereum.org/en/bug-bounty/) in order to receive a reward for your findings.`
Security note (#3646) 2022-05-20 15:28:00 +00:00
Doc fixes, part 2 (#4806) * part 2 of the initial doc fixes - spelling fixes - grammar fixes - em-dashes should be em-dashes (`—`): double dashes (`--`) are not rendered properly - reduce overusage of em-dashes, some of those should be separate sentences - use the correct syntax for notes, tips and warnings - every sentence is in a separate line (helps with future diffs) - add missing dots at the end of list items - fix some lists * sentences on separate lines in the remaining files 2023-04-11 15:42:35 +00:00			`When in doubt, please send an encrypted email to security@status.im and ask ([gpg key](https://github.com/status-im/status-security/blob/master/pgp-keys/security%40status.im.asc)).`
Security note (#3646) 2022-05-20 15:28:00 +00:00
Doc fixes, part 2 (#4806) * part 2 of the initial doc fixes - spelling fixes - grammar fixes - em-dashes should be em-dashes (`—`): double dashes (`--`) are not rendered properly - reduce overusage of em-dashes, some of those should be separate sentences - use the correct syntax for notes, tips and warnings - every sentence is in a separate line (helps with future diffs) - add missing dots at the end of list items - fix some lists * sentences on separate lines in the remaining files 2023-04-11 15:42:35 +00:00			`Security related issues are (sufficient but not necessary criteria):`
Security note (#3646) 2022-05-20 15:28:00 +00:00
			`- Soundness of protocols (consensus model, p2p protocols): consensus liveness and integrity.`
			`- Errors and failures in the cryptographic primitives`
			`- RCE vulnerabilities`
			`- Any issues causing consensus splits from the rest of the network`
			`- Denial of service (DOS) vectors`
			`- Broken Access Control`
			`- Memory Errors`
			`- Security Misconfiguration`
			`- Vulnerable Dependencies`
			`- Authentication Failures`
			`- Data Integrity Failures`
			`- Logging and Monitoring Vulnerabilities`