Hi aphelionz,
Thanks for applying and posting here.
We take security very seriously, which is why we have a bug bounty program with Immunefi, with bounties up to $2.5M. We would appreciate it if you could use your testing suite to look for valid vulnerabilities, and report those via Immunefi instead, as many other whitehat hackers and security researchers do. The bug bounty covers all components of The Graph’s stack.
When it comes to security grants, we believe this is the most efficient way to go for both parties. This is aligned with our retroactive funding scheme and approach.
Thank you so much, once again! We’re eager to know what your team finds out.