# Responsible disclosure form:
Contact: https://docs.google.com/forms/d/e/1FAIpQLSduxyHo_jDrsaxisC2j94PAGs8zO0yHVlh5FculaA3Cs0pffg/viewform?usp=header
# For all other queries please contact:
Contact: mailto:support@simtheory.ai
Expires: 2035-01-01T09:00:00.000Z
Preferred-Languages: en
Canonical: https://simtheory.ai/.well-known/security.txt
# Policies
Policy: https://simtheory.ai/terms/
Policy: https://simtheory.ai/privacy/

# Bug Bounty Rates (as of 14th October 2025)
#
# Per Simtheory Responsible Disclosure Policy:
#
# | Severity           | Bounty (USD) |
# |--------------------|--------------|
# | Low (0.1 - 3.9)    | $25.00       |
# | Medium (4.0 - 6.9) | $60.00       |
# | High (7.0 - 8.9)   | $250.00      |
# | Critical (9.0+)    | $500.00      |

# ========================================
# Simtheory Responsible Disclosure Policy
# ========================================
# 
# Last Updated: 14th October 2025
# 
# At Simtheory (simtheory.ai), we take the security of our systems seriously, and we value the security community. We appreciate and encourage researchers to identify and report potential vulnerabilities to us.
# 
# ---
# How to Report a Vulnerability
# ---
# 
# If you believe you've discovered a security vulnerability in our service, please let us know immediately by filling in this form: https://docs.google.com/forms/d/e/1FAIpQLSduxyHo_jDrsaxisC2j94PAGs8zO0yHVlh5FculaA3Cs0pffg/viewform?usp=header 
# 
# Please include a detailed description of the issue and steps to reproduce it so we can resolve it quickly.
# 
# ---
# Our Commitment to You
# ---
# 
# *   We will respond to your report promptly, usually within 3-5 business days.
# *   We will not take legal action against you if you act in good faith and follow this policy (our "Safe Harbor" promise).
# 
# ---
# Rules of Engagement
# ---
# 
# To help protect our users and our service, we ask that you please:
# 
# *   ✅ Act in good faith. Make every effort to avoid privacy violations, data destruction, and service interruptions.
# *   ✅ Only interact with accounts you own or have explicit permission to test.
# 
# And please refrain from:
# 
# *   ❌ Denial of Service (DoS) or DDoS attacks.
# *   ❌ Spamming of any kind.
# *   ❌ Social engineering or phishing our employees, contractors, or customers.
# 
# ---
# Bug Bounties
# ---
# 
# We love to reward great work! Fill in this form to participate in the bug bounty program: https://docs.google.com/forms/d/e/1FAIpQLSduxyHo_jDrsaxisC2j94PAGs8zO0yHVlh5FculaA3Cs0pffg/viewform?usp=header 
# 
# Simtheory offers bug bounties for reports that identify serious and previously unknown security issues. Payouts are based on the severity, impact, and quality of your report. We handle each submission on a case-by-case basis.
# 
# ---
# Questions?
# ---
# 
# If you have any questions or are unsure about anything in this policy, please don't hesitate to reach out to us at **security@simtheory.ai**.
# 
# We look forward to working with you to keep Simtheory safe and secure for everyone.