Responsible Disclosure¶
Bullpen CLI is a money-handling command-line tool. If you find a vulnerability, please report it privately so we can verify the issue and coordinate a fix.
How to Report¶
Open a private support ticket and start the subject with [SECURITY]:
https://bullpen-help.freshdesk.com/support/tickets/new
Do not file public GitHub issues for sensitive reports.
What to Include¶
Useful reports include:
- Bullpen CLI version and install channel
- operating system and CPU architecture
- exact commands or steps to reproduce
- expected behavior and actual behavior
- security impact, including whether funds, credentials, or private customer data could be affected
- logs or screenshots with secrets redacted
Never send access tokens, refresh tokens, Turnkey credential bundles, private keys, seed phrases, API keys, or raw signing credentials.
Scope¶
In scope:
- Bullpen CLI source code and command behavior
- local credential storage, encryption, recovery, and logout behavior
- CLI install scripts and update paths
- npm, Homebrew, GitHub release, and binary distribution artifacts
- leaked customer data, embedded secrets, or unsafe diagnostics in CLI output
Out of scope:
- social engineering, phishing, spam, or physical attacks
- denial-of-service or rate-limit testing without written approval
- issues in third-party platforms unless Bullpen CLI mishandles them
- destructive tests, unauthorized trading, or accessing another user's account or funds
Customer Authentication¶
Official customer builds are designed so normal logged-in Polymarket trading and gasless transaction requests authenticate with the user's Bullpen session.
Historical reports involved non-customer service bootstrap metadata in some build paths. Current official customer artifacts must not embed service bootstrap secrets; normal trading should use customer-session authentication.
Private provider credentials are also runtime-only. Official artifacts must not embed private Polygon, Arbitrum, Solana, Jupiter, Polygonscan, Etherscan, or third-party RPC/API tenant tokens at build time. Support-facing config/status output should preserve host-level context while redacting userinfo, path tokens, query strings, and fragments.
Reports about accidental embedded secrets, customer credentials, private API tokens, unsafe logs or output, proxy bypass, abuse controls, rotation, or version-gate failures are in scope.
Privacy, Telemetry, and Logs¶
Release builds send scrubbed error and panic reports to Sentry by default unless
BULLPEN_DISABLE_TELEMETRY=1 is set. See Telemetry for what
is collected, what is scrubbed, and how to opt out.
Local logs under ~/.bullpen/log/ stay on the user's machine unless the user
shares them. The Sentry scrubber does not rewrite local log files. Privacy leaks
in Sentry events, command output, local logs, support artifacts, or release
binaries are in scope; redact secrets before reporting.
Release Artifact Scanning¶
Release artifacts are scanned for accidental private RPC/API-key patterns and customer, support, and privacy identifiers. These scans are separate from the customer-mode artifact gate, which validates the JWT-only runtime diagnostic path.
Response Target¶
We aim to acknowledge security reports within 5 business days. Investigation time depends on severity, reproduction complexity, and whether a fix also requires backend or release-distribution changes.
Bounty Status¶
Bullpen does not currently operate a public paid bug bounty program for CLI reports. Submitting a report does not create an entitlement to payment. We may provide acknowledgement or attribution when appropriate and mutually agreed.
Coordinated Disclosure¶
Please give us a reasonable opportunity to investigate and remediate before public disclosure. A 90-day disclosure window is a good default unless we agree on a different timeline.
Safe Harbor¶
We will not pursue legal action for good-faith security research that follows this policy, avoids privacy violations, avoids service disruption, and does not move funds or access accounts without authorization.