Security Overview

The Security Policy on Match includes a vulnerability disclosure policy and guidelines for reporting vulnerabilities in the Match ecosystem. It explains the process for reporting and disclosing vulnerabilities through the use of the Immunefi Bug Bounty Program and how the Match team handles and resolves reported vulnerabilities. The contents of the policy help avoiding privacy violations and keeping information confidential. Also included are commitments from the Match team, such as not pursuing legal action and working with researchers to disclose issues in a timely manner. The disclosure process includes steps for verifying and confirming reported vulnerabilities, determining their potential impact on the Match platform, and patching and disclosing the vulnerability to the public. The payment process for reported vulnerabilities is also outlined and instructions for contacting the Match Security Team are provided. For more information, visit the Security Policy documentation sites:

Additionally, Match has a Simple Arrangement for Funding Upload (SAFU). The SAFU is a simple yet extensible way to specify a post-exploit policy for whitehats, particularly rewards and distributions. For more information, visit the SAFU section.

Last updated