Security
Previous to releasing v1, we conducted an initial audit with Coinspect.
However, the protocol should still be treated with caution given it still hasn't been live for a long period of time.
Audits
Responsible disclosure
We currently do not have a bug bounty program for Firm protocol. However, since v1 is currently deployed in live networks, user funds could be at risk should a critical vulnerability exist.
If you believe you have found a vulnerability in Firm protocol, please responsibly disclose it by emailing security@firm.org.
Last updated