We appreciate any contributions, responsible disclosures and will make every effort to acknowledge your contributions.
Please see Releases. Generally it is recommended to use the latest release.
To report a vulnerability, please email security@flashbots.net and provide all the necessary details to reproduce it, such as:
- Release version
- Operating System
- Consensus / Execution client combination and version
- Network (Mainnet or other testnet)
Please include the steps to reproduce it using as much detail as possible with
the corresponding logs from mev-boost and/or logs from the consensus/execution
client.
Once we have received your bug report, we will try to reproduce it and provide a more detailed response. When the reported bug has been successfully reproduced, the team will work on a fix.