From 724e671498b209de1c8d7c615d827d14bd573148 Mon Sep 17 00:00:00 2001
From: Jonathan Claudius <jclaudius@jumptrading.com>
Date: Tue, 10 May 2022 12:15:58 -0400
Subject: [PATCH] Add SECURITY.md and ref April 2022 audit (#170)

---
 SECURITY.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..26b95b14a
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security
+
+## Bug Bounty Program (*work in progress*)
+
+We are in the process of designing a **bug bounty program** for Pyth.
+
+In the mean-time, if you find a security issue in Pyth, we ask that you reach out to our team via **[Discord](https://discord.com/invite/pythnetwork)**.
+
+## 3rd Party Security Audits
+
+We engage 3rd party firms to conduct independent security audits of Pyth.  At any given time, we likely have multiple audit streams in progress.
+
+As these 3rd party audits are completed and issues are sufficiently addressed, we make those audit reports public.
+
+- **[April, 8, 2022 - Zellic](https://github.com/pyth-network/audit-reports/blob/main/2022_04_08/pyth_oracle_client_zellic.pdf)**
+    - **Scope**: *Pyth Client*
\ No newline at end of file