## Security related issues

**For any security related issues, follow responsible disclosure standards.
Do not file public issues.**

Please file a report at the [Ethereum bug bounty program](https://ethereum.org/en/bug-bounty/) in order to receive a reward for your findings.

When in doubt, please send an encrypted email to security@status.im and ask ([gpg key](https://github.com/status-im/status-security/blob/master/pgp-keys/security%40status.im.asc)).

Security related issues are (sufficient but not necessary criteria):

- Soundness of protocols (consensus model, p2p protocols): consensus liveness and integrity. 
- Errors and failures in the cryptographic primitives 
- RCE vulnerabilities
- Any issues causing consensus splits from the rest of the network
- Denial of service (DOS) vectors
- Broken Access Control 
- Memory Errors
- Security Misconfiguration
- Vulnerable Dependencies 
- Authentication Failures 
- Data Integrity Failures
- Logging and Monitoring Vulnerabilities