Security
BitView's security posture has three pillars:
- Audited primitives. The on-chain merkle distributor we use is forked unmodified from the Jito/Jupiter implementation, audited by Neodyme and OtterSec. We don't reinvent cryptography.
- Public bug bounty. Up to $100K USD-equivalent for critical findings. Continuous, no end date.
- Coordinated disclosure. Clear
security@bitview.sochannel, published triage SLA, and public post-mortems for confirmed issues.
| Page | Audience |
|---|---|
| Disclosure policy | Anyone who finds a security issue |
| Bug bounty | Researchers eligible for paid disclosure |
| Audit reports | Anyone evaluating BitView's security posture |
If you've found a security issue, stop and read the disclosure policy before posting publicly. Coordinated disclosure is in everyone's interest, including yours.