Security: ozpool/devbounty-backend

SECURITY.md

Security policy

Supported versions

The latest tagged release on main is supported.

Reporting a vulnerability

Email security@devbounty.example (placeholder — replace before go-live).

Do not open a public issue for security reports. Expect an initial response within 72 hours.

Scope

  • Smart contract logic (contracts/BountyEscrow.sol)
  • Backend API and indexer (this repo)
  • Frontend (devbounty-web)

Out of scope

  • Social engineering of contributors
  • DoS via paid Alchemy quota
  • Issues in deployment infrastructure (Vercel, Render, Atlas) — report to those vendors directly

There aren't any published security advisories