Skip to content

Commit

Permalink
chore: updating links to the new safu (#162)
Browse files Browse the repository at this point in the history
  • Loading branch information
@sandoche
sandoche authored May 8, 2024
1 parent 753f893 commit 46b236c
Showing 1 changed file with 8 additions and 8 deletions.
16 changes: 8 additions & 8 deletions docs/protocol/security/safu.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,30 +4,30 @@ sidebar_position: 3

# Simple Arrangement for Funding Upload (SAFU)

The [Simple Arrangement for Funding Upload (the "SAFU")](https://github.com/evmos/evmos/tree/main/SAFU.pdf)
The [Simple Arrangement for Funding Upload (the "SAFU")](https://github.com/evmos/evmos/tree/main/SAFU.md)
outlines the post-exploit policy for active vulnerabilities in the Evmos blockchain.
The SAFU is intended for white hat hackers
and outlines the process for returning funds and calculating rewards
for vulnerabilities found in the network.
In summary, the SAFU states the following:

* Hackers are not at risk of legal action if they act in accordance
- Hackers are not at risk of legal action if they act in accordance
with the SAFU.
* Hackers have a Grace Period to return any exploited funds
- Hackers have a Grace Period to return any exploited funds
to a specified dropbox address and can claim a reward of
a Bounty Percent of the total funds secured up to the Bounty Cap.
* The rewards are distributed during the next upgrade of the network.
* If the reward is valued above a specified threshold amount,
- The rewards are distributed during the next upgrade of the network.
- If the reward is valued above a specified threshold amount,
white hat hackers should go through
a Know Your Clients/Know Your Business (KYC/KYB) process.
* Exploiting vulnerabilities for malicious purposes
- Exploiting vulnerabilities for malicious purposes
will make a hacker ineligible for any rewards.
* White hat hackers are not entitled to any rewards from the team or network
- White hat hackers are not entitled to any rewards from the team or network
for funds from "Out of Scope Projects" (other projects that were exploited
by hackers but do not have their own SAFU program).

For more information,
visit [the SAFU agreement](https://github.com/evmos/evmos/tree/main/SAFU.pdf).
visit [the SAFU agreement](https://github.com/evmos/evmos/tree/main/SAFU.md).

## Dropbox Address

Expand Down

0 comments on commit 46b236c

Please sign in to comment.