The MyXen Foundation takes the security of the $MYXN token and our user's funds as our top priority.

DO NOT open a public GitHub issue for security vulnerabilities. This puts the entire ecosystem at risk.

If you have discovered a security vulnerability in the $MYXN token contract, the Treasury Multisig, or the Burn logic, please report it immediately via the following channels:

1. Email: security@myxen.org
2. PGP Key: (Link to Public Key - Optional)

Please include:

• Description of the vulnerability.
• Steps to reproduce.
• Potential impact.

MyXen Foundation operates a Bug Bounty program for critical smart contract vulnerabilities.

• Critical: Up to $50,000 (paid in $MYXN/USDC)
• High: Up to $10,000
• Medium: Up to $2,000

Detailed terms of the bounty program are available on our Wiki.

• We will acknowledge your report within 24 hours.
• We will provide a timeline for the fix within 72 hours.
• Public disclosure will occur only after the vulnerability is patched.