Fuze endeavours to create safe and resilient infrastructure. To that end, we invite all security researchers to test Fuze's public infrastructure for vulnerabilities or exploitation techniques. Please write to security@fuze.finance in case you find a vulnerability that merits our attention.
We offer bug bounties of up to $1000 - depending on the severity and scale of the vulnerability. The exact criteria of the bounty will be communicated to you via email.
The following activities are not eligible for the bug bounty program:
Our team is committed to acknowledging receipt of your report within 48 hours and providing regular updates on the status of the investigation. We strive to resolve critical vulnerabilities within 15 days and other vulnerabilities within a reasonable timeframe based on complexity.