Incident response process

When a security incident (bug, exploit, misbehavior) occurs, Buburuza follows a structured process:

  1. Detection

    • Automatic alerts / monitoring (e.g. for unusual transaction patterns, sequencer behavior).

    • Reports from users, auditors, or bug bounty submissions.

  2. Triage & Assessment

    • Classify severity (impact on funds, availability, data integrity).

    • Gather technical details, logs, state snapshots.

  3. Containment

    • If possible: pause affected components (e.g. disable certain functions, stop propagation).

    • Deploy hotfix or revert to safe mode if smart contracts allow it (upgradeable proxies, etc.).

  4. Communication

    • Public notification of incident (transparency).

    • Internal coordination among engineers, validators, and governance.

    • Regular status updates to the community.

  5. Remediation / Patch

    • Fix bug, test, audit.

    • Deploy patch via governance / upgrade process if required.

  6. Post-Incident Analysis

    • Root cause analysis.

    • Publish report (what happened, how fixed, lessons learned).

    • Review whether existing mitigation/monitoring was sufficient; possibly update security design.

  7. Prevention

    • Use lessons to improve audits, code reviews, security practices.

    • Update documentation, best practices, possibly improve bounty incentives.
