Skip to content

Security Research & Bug Reporting

Moosh welcomes responsible security research during the testnet phase.

We are particularly interested in reports related to:

  • Incorrect supply or borrow balance accounting
  • Inconsistent or unexpected interest accrual behavior
  • Deviations in liquidation triggers or execution paths
  • Risk parameter enforcement failures or bypass scenarios
  • Deployment or configuration issues that impact system correctness

The following are considered out of scope:

  • UI or visual defects
  • Expected instability caused by testnet resets, pauses, or redeployments
  • Limitations explicitly documented as part of the testnet environment

Potential security issues should be reported privately to the core team through official channels. Please do not disclose vulnerabilities publicly before coordination.