Please do not file a public ticket mentioning the vulnerability.
To disclose a vulnerability, please submit a Security Advisory via the
Security tab on this repository. If security reporting is not available,
please email security@celestia.org.
Vulnerabilities may be eligible for a reward through Celestia's bug bounty program on HackenProof. If you believe the vulnerability qualifies for a bounty, please report it through HackenProof first.