Responsible Disclosure Policy


Welcome to Hyperfox's Responsible Disclosure Program. At Hyperfox, we deeply value the contributions of security researchers and our community in enhancing the security of our systems and safeguarding user data. Your efforts in responsibly reporting vulnerabilities are vital to maintaining the safety and integrity of our services.

Responsible Reporting Guidelines

We encourage the discovery and reporting of security issues in a responsible manner. To help us effectively assess and address reported vulnerabilities, please adhere to the following guidelines:
An orange checkmark icon.

Email submissions

Please send your detailed findings to hello@hyperfox.com. For secure communication, we encourage the use of encrypted email. Our PGP key is available upon request.
An orange checkmark icon.

Information to include

Provide a clear description of the issue, including steps to reproduce the vulnerability, the potential impact, and any technical details that would assist in our evaluation.
An orange checkmark icon.

Scope of testing

Your testing should avoid: attacks on physical security, social engineering tactics, distributed denial of service (DDoS) attacks, spamming, exploiting third-party applications or services.

Our commitments

Upon receiving your report, we commit to the following:
An orange checkmark icon.

Quick response

We aim to acknowledge receipt of your report within 48 hours and provide an initial assessment of the issue.
An orange checkmark icon.


We will maintain the confidentiality of your report and protect your identity, disclosing personal information only with your permission or when legally obligated.
An orange checkmark icon.


Every researcher contributing to our program will be recognized for their efforts. Significant contributions may be eligible for public acknowledgment in our Security Hall of Fame.

Expectations from researchers

Participants in Hyperfox's Responsible Disclosure Program are expected to:
An orange checkmark icon.

Respect the law

Ensure all activities are conducted lawfully and with respect for the privacy of others.
An orange checkmark icon.

Avoid misuse

Refrain from using the discovered vulnerability to access, modify, delete, or compromise data and systems.
An orange checkmark icon.

Collaborative resolution

Engage with us to securely resolve the vulnerability, keeping communication confidential until a fix is deployed.


This program covers all Hyperfox systems and services. We specifically invite research on our web platforms and APIs but exclude third-party applications and services.

Acknowledgments and rewards

While we primarily offer acknowledgment for contributions, exceptional reports that lead to significant improvements may be eligible for rewards. The criteria for rewards include the severity of the vulnerability and the quality of the report. Details on our rewards program are available upon request.

Legal protection

We assure researchers acting in good faith and adhering to our guidelines that Hyperfox will not pursue legal action against them. We expect researchers to refrain from public disclosure of vulnerabilities before a mutual agreement on the disclosure timeline is reached.

Updates to the policy

Hyperfox reserves the right to update this policy periodically. We encourage researchers to review the policy regularly for any changes.

Contact us

For further inquiries or suggestions regarding our Responsible Disclosure Program, please contact us at hello@hyperfox.com.
Thank you for your support and contribution to Hyperfox's security. Together, we are building a safer digital environment for everyone.