• Stars
    star
    400
  • Rank 107,843 (Top 3 %)
  • Language
  • License
    Creative Commons ...
  • Created over 6 years ago
  • Updated 8 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Directory of security contacts for blockchain companies

Blockchain Security Contacts

This directory is a community-curated resource for contacting security teams. It identifies the best way to contact an organization's security team so that hackers can report vulnerabilities directly to the organizations that can resolve them.

This document is a work in progress. We're happy to accept feedback, questions, or ideas for improvements. File an issue or join us on Slack to talk further.

Recommendations

  • Refer to disclose.io for vulnerability disclosure program best practices
  • Don't make researchers agree to terms to report security issues to you
  • Create a security@ email address that delivers directly to your engineering team

Blockchains

Name Contact More info
Arweave [email protected]
Bitcoin [email protected] Security page
Bitcoin Cash
Bitcoin Gold [email protected] Disclosure policy
Bitshares [email protected]
Bytecoin [email protected]
Cloakcoin [email protected]
Dash Bug bounty
Decred [email protected]
DogeCoin
Edgeware [email protected]
EOS Bug bounty
Ethereum [email protected] Bug bounty
Ethereum Classic [email protected]
Horizen [email protected] Bug bounty
Hush [email protected] Security Page
ICON [email protected]
IOV [email protected]
Komodo [email protected]
Litecoin [email protected]
Nem [email protected]
Neo [email protected]
Monero Multiple Bug bounty
Ontology [email protected]
POA Core [email protected] Security page
Ripple [email protected] Bug bounty
RSK [email protected] Bug bounty
Sia [email protected]
Steem
Tezos [email protected] Bug bounty
Qtum
Quorum [email protected]
VeChain
xDai Chain [email protected] Security page
ZCash [email protected] Security page

Decentralized Applications

Name Deployed Addresses Contact More info
0x External Reference [email protected] Bug bounty
1Hive Keybase Chat Bug bounty
AAVE [email protected]
Ampleforth External Reference [email protected]
Aragon External Reference [email protected] Bug bounty
Bamboo Relay [email protected]
Bancor Network [email protected]
BarterDEX Network [email protected]
Bloom External Reference [email protected]
bZx [email protected]
C-Layer External Reference [email protected]
Commonwealth.im [email protected]
Compound Finance [email protected]
Connext [email protected]
Cozy Finance [email protected]
Decentraland Bug bounty
Decentralized Vulnerability Platform [email protected]
Democracy Earth [email protected]
Dharma [email protected]
Erasure / Numerai External Reference [email protected]
Ethfinex [email protected]
Giveth External Reference
Idle Finance External Reference [email protected]
InstaDApp External Reference [email protected]
Kleros External Reference [email protected] Bug bounty
Kyber Network [email protected]
LivePeer External Reference [email protected]
Melon [email protected]
Nahmii [email protected]
Nexus Mutual [email protected]
Raiden Network [email protected]
Reimagined Finance [email protected] Disclosure Policy
RenEx [email protected]
Sablier External Reference [email protected]
Sandclock [email protected]
Set Protocol [email protected] Bug bounty
Solidified [email protected]
Sovryn External Reference Bug bounty
Status.im [email protected] Bug bounty

Decentralized Exchanges (DEXs)

Name Deployed Addresses Contact More info
AirSwap Etherscan [email protected]
DDEX Etherscan [email protected]
Enclaves [email protected]
Leverj Custodian [email protected] leverj.io
Orderbook Etherscan [email protected] Instruction
Synthetix [email protected]
UniSwap [email protected]

ERC20 Tokens

Name Ticker Mainnet Address Contact More info
Aelf ELF Etherscan [email protected]
Aeternity AE Etherscan [email protected]
Aion AION Etherscan [email protected]
AirSwap AST Etherscan [email protected] Bug bounty
Ampleforth AMPL Etherscan [email protected]
Aragon ANT Etherscan [email protected] Bug bounty
Augur REP Etherscan [email protected] Bug bounty
Aurora AOA Etherscan [email protected]
Bancor BNT Etherscan [email protected]
Banker Token BNK Etherscan [email protected]
Basic Attention Token BAT [email protected] Bug bounty
Bibox Token BIX Etherscan
Binance Coin BNB Etherscan [email protected] Bug Bounty
Bloom BLT Etherscan [email protected]
Brickblock BBK Etherscan [email protected]
Bytom BTM Etherscan [email protected]
ChainLink LINK Etherscan [email protected]
CyberMiles CMT Etherscan [email protected]
Dai DAI Etherscan [email protected]
Decentraland MANA Etherscan [email protected]
DentaCoin DCN Etherscan [email protected]
DigixDAO DGD
Dropil DROP Etherscan [email protected]
EToken Assets List of Assets [email protected] Many tokens are issued with EToken
Dynamic Trading Rights DTR Etherscan [email protected]
FEE Token FEE Etherscan [email protected]
FunFair FUN Etherscan [email protected]
Gnosis GNO Etherscan [email protected]
Golem GNT Etherscan [email protected]
Holo HOT Etherscan [email protected]
Hubiits HBT Etherscan [email protected]
IOST IOST Etherscan [email protected]
Jigstack STAK Etherscan [email protected]
Kin KIN Etherscan
KuCoin Shares KCS Etherscan [email protected]
Kyber Network KNC Etherscan [email protected]
Ledgerium LGUM Etherscan [email protected]
Leverj LEV Etherscan [email protected]
Loopring LRC Etherscan [email protected] Bug bounty
Loom Network LOOM Etherscan [email protected]
Mainframe MFT Etherscan [email protected]
Maker MKR Etherscan
Melon Token MLN [email protected] Bug bounty
Monaco MCO Etherscan [email protected]
Mithril MITH Etherscan
Mixin XIN Etherscan [email protected]
MUI Token MUI Etherscan [email protected]
Nahmii NII Etherscan [email protected]
Nectar NEC Etherscan [email protected]
NuCypher NU [email protected]
Nuls NULS Etherscan [email protected]
Numeraire NMR Etherscan [email protected]
ODEM ODEM Etherscan [email protected]
OmiseGO OMG Etherscan
Orderbook BTC OBTC Etherscan [email protected] Instructions
Orderbook USD OUSD Etherscan [email protected] Instructions
Paypex PAYX Etherscan [email protected]
POA20 Bridge POA20 Etherscan [email protected] Security page
PolySwarm NCT Etherscan [email protected] Security page
Polymath POLY Etherscan [email protected] Bug bounty
Populous PPT Etherscan [email protected]
Power Ledger POWR Etherscan [email protected]
Pundi X NPXS Etherscan [email protected]
QASH QASH Etherscan
Quantstamp QSP Etherscan [email protected] Bug bounty
RChain RHOC Etherscan
Ren REN Etherscan
Sai SAI Etherscan
Salt SALT Etherscan [email protected]
SelfKey KEY Etherscan [email protected]
SpankChain SPANK Etherscan [email protected]
Synthetix SNX Proxy Underlying [email protected]
Synths (all flavors) sUSD, sETH, etc Proxy sUSD [email protected]
Status SNT Etherscan [email protected]
Storj STORJ Etherscan [email protected]
Tellor TRB Etherscan [email protected]
TenX PAY Etherscan [email protected]
Tether USDT Etherscan [email protected] , [email protected]
TrueUSD TUSD Etherscan [email protected]
USDCoin USDC Etherscan [email protected]
Veritaseum VERI Etherscan
Waltonchain WTC Etherscan [email protected]
WAX WAX Etherscan [email protected]
Zilliqa ZIL Etherscan [email protected]

ERC721 Tokens

Name Mainnet Address Contact More Info
CryptoKitties (CK) Etherscan
Gods Unchained (GODS) Etherscan

Exchanges

Name Contact More Info
A1 Exchange [email protected]
BCEX [email protected], [email protected]
Bankera Exchange [email protected]
Bibox [email protected]
Binance [email protected] Bug Bounty
Bitaccess [email protected] Bug bounty
Bittrex [email protected]
Bit-Z [email protected]
Bitfinex [email protected]
bitFlyer [email protected]
Bitforex [email protected], [email protected]
Bitso [email protected]
Bitstamp [email protected]
BitMEX [email protected] Security page
Blockchain [email protected] Bug bounty
Coinbase Bug bounty
Coinbene [email protected]
Coinbit [email protected]
CoinExchange [email protected]
Coinfinity [email protected] (PGP) Security page
Coinify [email protected]
Coinsquare [email protected]
Coinsuper [email protected]
CoinSwitch [email protected]
CryptoFacilities [email protected]
Digifinex [email protected]
DOBI [email protected]
Ethfinex [email protected]
Exmo [email protected]
EXX [email protected]
Faa.st [email protected] Bug bounty
Gemini Trust [email protected] Security page
HitBTC [email protected], [email protected]
Huobi Global [email protected] Security page
ICONOMI [email protected]
IDAX [email protected]
Kraken [email protected] Bug Bounty
Leverj [email protected] leverj.io
OKEx [email protected], [email protected]
Orderbook [email protected] Instructions
Poloniex [email protected]
qTrade.io [email protected]
QuadrigaCX [email protected]
SFOX [email protected] Bug Bounty
ShapeShift [email protected] Disclosure Program
SpectroCoin [email protected] Bug bounty
Trade.io [email protected]
Tokens [email protected] Security page
ZBG [email protected]

Infrastructure

Name Contact More Info
Ambisafe SaaS [email protected]
Etherscan
GasTracker [email protected]
Infura [email protected]
PegaSys [email protected] For Pantheon, Orion, and Artemis: Ethereum 1.0/2.0/EEA clients
SafeBlocks Firewall [email protected]
Upvest [email protected]
QuikNode [email protected]
Vyper [email protected] Security Policy

Wallets

Name Contact More info
Ambisafe CryptoWallet [email protected]
Arkane [email protected]
Blockchain [email protected] Bug bounty
BitGo [email protected]
Emerald Wallet [email protected]
Groundhog [email protected]
KeepKey [email protected] Disclosure Program
Ledger [email protected] Bug bounty
MetaMask [email protected] Bug bounty
MyCrypto [email protected] Disclosure Program
MyEtherWallet [email protected] Bug bounty
Parity [email protected] Bug bounty
SelfKey [email protected]
SovereignWallet [email protected]
Trustwallet [email protected]
Unchained Capital [email protected] Bug Bounty
Upvest [email protected]

More Repositories

1

slither

Static Analyzer for Solidity and Vyper
Python
5,270
star
2

echidna

Ethereum smart contract fuzzer
Haskell
2,714
star
3

building-secure-contracts

Guidelines and training material to write secure smart contracts
Solidity
2,208
star
4

not-so-smart-contracts

Examples of Solidity security issues
Solidity
2,150
star
5

awesome-ethereum-security

A curated list of awesome Ethereum security references
1,318
star
6

evm-opcodes

Ethereum opcodes and instruction reference
1,300
star
7

ethersplay

EVM dissassembler
Python
836
star
8

solc-select

Manage and switch between Solidity compiler versions
Python
747
star
9

pyevmasm

Ethereum Virtual Machine (EVM) disassembler and assembler
Python
353
star
10

rattle

evm binary static analysis
Python
349
star
11

etheno

Simplify Ethereum security analysis and testing
Python
330
star
12

ida-evm

IDA Processor Module for the Ethereum Virtual Machine (EVM)
Python
307
star
13

medusa

Parallelized, coverage-guided, mutational Solidity smart contract fuzzing, powered by go-ethereum
Go
292
star
14

properties

Pre-built security properties for common Ethereum operations
Solidity
281
star
15

crytic-compile

Abstraction layer for smart contract build systems
Python
150
star
16

amarna

Amarna is a static-analyzer and linter for the Cairo programming language.
Python
148
star
17

caracal

Static Analyzer for Starknet smart contracts
Cairo
130
star
18

slither-action

Shell
128
star
19

evm_cfg_builder

EVM CFG recovery
Python
118
star
20

echidna-streaming-series

A 6-part series on how to use Echidna on real-world codebases
Solidity
97
star
21

optik

Optik is a set of symbolic execution tools that assist smart-contract fuzzers
Python
89
star
22

fuzz-utils

A tool to automatically generate Foundry unit test cases from Echidna and Medusa failed properties
Solidity
89
star
23

roundme

Rust
86
star
24

tayt

StarkNet smart contract fuzzer
Python
75
star
25

diffusc

Experimental tool to ease the review of smart contracts upgrades
Solidity
74
star
26

tealer

Static Analyzer for Teal
Python
61
star
27

echidna-action

GitHub Action to run Echidna, the Ethereum smart contract fuzzer
Shell
59
star
28

attacknet

Tool and testing methodology for subjecting blockchain devnets to simulated network and side channel attacks
Go
54
star
29

fluxture

A crawling framework for blockchains and peer-to-peer systems
Python
46
star
30

secureum-medusa

Solidity
43
star
31

echidna-spearbit-demo

Example code for testing using Echidna explained during the Spearbit presentation
Solidity
39
star
32

slither-docs-action

Write documentation for your code in pull requests using Slither and OpenAI.
TypeScript
36
star
33

solana-lints

Lints based on the Sealevel Attacks
Rust
30
star
34

contract-explorer

Visual Studio Code integration for Slither, a Solidity static analysis framework
TypeScript
30
star
35

echidna-parade

Python
28
star
36

trailofbits-security

The Trail of Bits Truffle Security Toolbox
JavaScript
24
star
37

whipstaff

A specification of the CBC Casper consensus protocols written in TLA+ and PlusCal (transpiled to TLA+)
TLA
20
star
38

cloudexec

A general purpose foundation for cloud-based fuzzing and mutation testing jobs
Go
17
star
39

damn-vulnerable-defi-echidna

Solidity
12
star
40

slither-docs-demo

A demo on how to use the slither-docs actions (https://github.com/crytic/slither-docs-action)
Solidity
11
star
41

medusa-geth

A go-ethereum fork enabling additional testing capabilities for medusa
10
star
42

amarna-action

Github action for the Amarna static analyzer
Shell
9
star
43

slightly-smarter-contracts

Python
7
star
44

vscode-starknet-explorer

StarkNet support extension for VSCode. Visualize StarkNet contracts: view storage variables, external and view functions, and events.
TypeScript
6
star
45

solc

4
star
46

fuzz-vs-fv

TypeScript
4
star
47

embark-contract-info

embark-contract-info
JavaScript
3
star
48

addressarrayutils_demo

Demonstration for using echidna to test a Solidity library
Solidity
2
star
49

remix-plugin-8000

JavaScript
2
star
50

ethdam

2
star
51

slither-workshop

Slither workshop (secureum)
Python
1
star
52

slither-lsp

Python
1
star