diff --git a/VULNERABILITY_RESPONSE_PROCESS.md b/VULNERABILITY_RESPONSE_PROCESS.md index 770a667..f44ecea 100644 --- a/VULNERABILITY_RESPONSE_PROCESS.md +++ b/VULNERABILITY_RESPONSE_PROCESS.md @@ -19,6 +19,10 @@ - do not abide by the VRP for responsible disclosure - do not allow the completion of VRP points I through IV +## Preamble (Monero) + +1. Attacks which require more than 50% of the network hash rate to execute are out of policy scope + ## Preamble (Kovri) 1. While Kovri is in a pre-Alpha release state, do not use HackerOne for disclosure. All Kovri issues MUST be directed to either [GitHub](https://github.com/monero-project/kovri) or Email