Skip to content

Bug bounty, HackerOne

HELAÜLOOM operates an invite-only bug bounty programme on HackerOne during private beta, opening to the public at general availability.

In scope. helauloom.com, api.helauloom.com, authentication, vault APIs, and client-side encryption flows. Out of scope: third-party subprocessors, social engineering, and physical attacks.

Rewards. Critical up to $5,000. High $1,500. Medium $500. Low $100. Safe harbour applies to good-faith research per our security policy.

Report. security@helauloom.com or HackerOne once your invite is active. Use our PGP key for sensitive details.

Back to security