Cosmos Maintenance and Security
April 30, 2026 ยท View on GitHub
This repository houses references, artifacts, policies and deliverables for maintenance and security of the Cosmos Stack.
Programs
Maintenance
Cosmos Labs' maintenance policy for the Cosmos Stack is detailed in:
- Canonical release family lifecycle/support policy: https://docs.cosmos.network/sdk/latest/release-family
- Security repository policy and process references: ./POLICY.md
Bug Bounty
As part of our coordinated vulnerability disclosure policy, we offer a Safe Harbor to all security researchers who work with us in good faith. Please visit our Bug Bounty program at https://hackerone.com/cosmos to learn more, and to report any Security issues you may discover in the Cosmos Stack.
Additionally, the @security alias at security@cosmoslabs.io is continuously monitored for security coordination.
Security Outreach
You may have run across one of our advisories while working in the Cosmos Stack. To see a complete list of all public advisories, see ADVISORIES.md.
Our team will also post public resources about security topics in the resources folder.