We welcome responsible security research. If you believe you have identified a vulnerability affecting our website or related services, please report it so we can investigate and remediate it as quickly as possible.
How to report
- Email: support@paragonchain.org
- Include a clear description of the issue, impact, reproduction steps, and any proof of concept where appropriate.
Safe harbor
We will not pursue legal action against researchers for good-faith testing conducted in line with this policy, provided the activity does not harm users, compromise data, or disrupt services.
Scope
- In scope: paragonchain.org and related marketing-site subdomains we control.
- Out of scope: social engineering, phishing, spam, denial-of-service, rate-limit abuse, physical attacks, or vulnerabilities in third-party platforms not owned or operated by us.
Research guidelines
- Do not access, modify, or exfiltrate data that is not your own.
- Do not intentionally degrade or interrupt our services.
- Do not test against users, wallets, or private accounts without permission.
- Give us a reasonable opportunity to investigate and resolve the issue before public disclosure.
Response targets
- Acknowledgement within 3 business days where practical.
- Ongoing updates during investigation and remediation where appropriate.
Contact
Security reports can be sent to support@paragonchain.org.