We value security for the project very highly. We encourage all users to report any vulnerabilities they discover to us. If you find a security vulnerability in the Genesis Sync Accelerator project, please report it responsibly by sending an email to cardano-gsa@tweag.io

At this juncture, we don't have a bug bounty program. We urge you to report any vulnerabilities responsibly so that we can continue building a secure application for the entire community.