# How Unikname Handles Security Vulnerabilities?

Producing software inherently comes with risks. All software, especially new releases and substantial code re-writes, have a higher probability of producing bugs during production and initial release. To combat this, the Unikname teams has introduced modern testing methods, higher test coverage, a custom developed e2e testing framework and increased the availability for testing on our Development Network before the releases. Despite all of that, no one can catch every potential issue.

Instead of shying away from exposing security vulnerabilities, Unikname encourages academics, researchers, hobbyists and community members to find and disclose critical errors and bugs.

As an open-source, distributed network, we need to handle updates and critical errors more carefully than a traditional tech company.

The Unikname is not run by the Unikname organization, but by all its public Network Players. The team and the network players remain in close contact through different channels, however scheduling an upgrade means we must cross (1) language barriers, (2) timezones, (3) different opinions on the validity of the update.

We're working very close with our community and our partners, specially ARK.IO, to manage Security Vulnerabilities in the best efficient way. And because we've choosen and accepted to participate to the Powered by ARK(opens new window) we take direct benefices from their fixes and patches.

# Reporting

Do not contact any individual Unikname team member, Network Player or community member if you suspect you have found a vulnerability. Contact us at security@unikname.com and include:

  1. An in-depth explanation of the vulnerability.
  2. A guide to reproduce the hack.

OPTIONAL

  1. A proposed patch to fix the issue.