NodeSet
  • NodeSet Documentation
  • NodeSet
    • Introduction
    • Infrastructure Powered by NodeSet
    • Security Notice
  • Node Operators
    • Applications
    • Node Operator Policies
    • Client Diversity Policy
    • Best Practices
      • Terminology
      • Planning Your Node Architecture
      • MEV Boost
    • Hyperdrive
      • Installation
      • Configuration
      • Updating
      • Monitoring Your Node
      • Uninstallation
      • Disaster Recovery and Node Migration
      • Public Betas
    • FAQ
  • StakeWise Integration
    • Introduction
    • What's New in v1.2
    • FAQ
    • Node Operator Guide
      • Monitoring the StakeWise Module
      • Key Recovery
      • How it Works
    • Security Information
  • Constellation
    • Overview
    • xrETH
    • xRPL
    • Constellation vs Others
    • Risks and Mitigations
    • Node Operators
    • Node Operator Guide
      • Overview
      • Prerequisites
      • Registering your Node with Constellation
      • Creating and Running Minipools
      • Rewards Algorithm
    • Administrator
    • Treasurer
    • FAQ
    • Security Information
  • NodeSet Dashboard
    • Introduction
    • Authorizing Your Node
    • Security Information
Powered by GitBook
On this page
  • Penetration Testing
  • Bug Bounties
  1. NodeSet Dashboard

Security Information

PreviousAuthorizing Your Node

Last updated 7 months ago

If you wish to report any security-related issues, please email us directly at [email protected]

Penetration Testing

The NodeSet Dashboard undergoes regular penetration tests by leading independent security professionals. However, nodeset.io does not interact with any assets and is therefore closed-source for maximum security. Due to this and the sensitive nature of these security reports, these reports will not be released publicly. However, for the sake of transparency, we will list the firms engaged in penetration testing here.

Bug Bounties

Note that, in order to be eligible for a bug bounty, you must provide a proof of concept and, if necessary, work with our developers to successfully demonstrate the issue.

Rewards for successfully replicated issues in the NodeSet Dashboard are awarded according to severity as classified by the for websites and apps:

Severity
Amount (USD)

Critical

$20,000

High

$10,000

Medium

$5,000

In addition, because NodeSet currently must retain pre-signed exit messages from our Ethereum node operators, the NodeSet Dashboard has a special level of bug bounty set at $50,000 USD specifically for exploits which demonstrate full access to this data.

Immunefi Vulnerability Severity Classification System