The security of Story DKG TEE is critical. If you discover any security vulnerabilities, we appreciate your help in responsibly disclosing them to us.

Please do not file a public ticket mentioning the vulnerability.

Story DKG TEE is not yet covered under a bug bounty program and is not considered production-ready. This document will be updated when the program is ready, and it will be announced on our channels.

We recommend to wait for the program to be ready for reporting, but if you find a vulnerability that will put the network at risk, please send an email to security@piplabs.xyz. We kindly request that you provide us with the following details:

• A clear description of the vulnerability and its potential impact.
• Steps to reproduce the vulnerability.
• Any additional information or proof of concept that can help us understand and address the issue.

If applicable, rewards will be provided through the bug bounty program when ready.

We believe in responsible disclosure and request that you refrain from publicly disclosing any vulnerabilities until we have had sufficient time to investigate and address them. We appreciate your cooperation in helping us maintain the security and integrity of our systems.

Please note that this document is subject to change and may be updated as our security practices evolve. We encourage you to check back regularly for any updates or changes.