Responsibe Disclosure

SECURITY AT VELA GAMES

We ask players to put a lot of trust in us when they invest their precious spare time playing our games. The security of player data, the associated services, and the game’s integrity are paramount to all at Vela Games. All teams across Vela Games work to protect and are always mindful of our players, their data, and game integrity.

Our security efforts include implementing best practices internally, such as secure software development and internal reviews, and conducting ongoing external security assessments and threat modeling.

VULNERABILITY DISCOVERY ON A VELA GAMES SERVICE

At this stage, we do not have a bug bounty program; however, we are grateful to anyone responsibly disclosing security vulnerabilities to us. If you would like to report a security vulnerability or breach concerning any Vela Games service, infrastructure, or anything impacting the integrity and fairness of our games, please email us at [email protected].

We respectfully request that you do not publicly disclose any information regarding the vulnerability or exploit until we have had the opportunity to analyze your report and respond to the notification. We aim to be as transparent as possible and will keep you informed as much as possible. To respond promptly to your report, please include:

• Easy-to-follow reproduction steps

• Vulnerability proof of concept 

• Relevant tools (including versions)

• Any tool output

• Note: We may subsequently ask for information regarding verification and/or clarification.

As part of our commitment to transparency, we will provide you with status updates regarding remediation. If there is a subsequent published public security bulletin, the reporter of a vulnerability will receive credit.

HOW TO CONTACT US

For all security-related issues, please email us at [email protected]. If you would like to email us securely, please use the following GPG key:

You can fetch the key and view various proof of identity claims from Keybase.io here.