Skip to content

Security Vulnerability Disclosure Policy

Until Aragon DAOs are deployed onto the mainnet, we kindly ask all security vulnerabilities to be publicly disclosed by filing issues under the relevant repos in our GitHub organization. Most likely, the vulnerability will fall under either aragonOS, aragon-apps, Aragon Core, or aragon.js.

We will revise our policy as we begin deploying contracts to the mainnet.