Security Policy

Last updated: October 8th 2023

Resonite and Yellow Dog Man Studios, take security very seriously. To find out our policy on security and security reporting please read on.

Reportable Issues

When it comes to security we're generally looking for the following items.

This is not an exhaustive list and you should use your best judgement when making a report. If an issue bothers you please consider reporting it. We would rather know about an issue then not.


As Resonite is a Beta/Early Access product, crashes are common and in some cases random. It is therefore ok to report these on our bug tracker.

However, if a crash is easily reproducible or easy to accidentally trigger, then a private report as a security issue is still valid.

Additionally, If a user is maliciously causing crashes please also submit that to our Moderation System.

Private Data

Due to our Peer to Peer infrastructure for sessions and flexibility/openness of in-session development, it can be unclear what we class as private data.

To clarify this, here is a list of common data that we don't consider private:

Reporting Security Issues

Never, report a security issue through:

Security issues must be reported via our support system.

Reporting format/contents

We don't have a standard format, but when reporting an issue be sure to include as much detail as possible. Try to include:

You should also indicate if you'd like to opt out of being credited for this report / discovery. When we resolve issues we may credit you in the change logs unless you opt out.

Reporting Rules

These guidelines are not intended to supersede or to overrule the general Guidelines but are designed to give you some additional guidance in the area of security issues.

We do not ban/restrict users for reporting security issues provided these are followed.

Reporting Process

Once a report has been submitted, the following items will happen:

  1. Acknowledgement - A response from our ticket system acknowledging receipt.
  2. Further Communication - After review, we may reach out with additional information or questions.
  3. Resolution - After the issue is resolved you will be notified.

Report Reviewers

Security reports are only reviewable by Team members.

Bug Bounties / Rewards

We're unable to offer rewards or bounties for reports currently. If this changes we will update this policy.