Acceptable Use
Last Updated: January 2025 This Acceptable Use Policy ("AUP") governs your use of the BlockSecOps platform and services. --- This policy ensures that...
Acceptable Use Policy
Last Updated: January 2025
This Acceptable Use Policy ("AUP") governs your use of the BlockSecOps platform and services.
1. Purpose
This policy ensures that BlockSecOps remains a safe, reliable, and ethical platform for all users. Violations may result in account suspension or termination.
2. Permitted Use
2.1 Authorized Scanning
You MAY use BlockSecOps to scan:
- Smart contracts you have written
- Contracts you own or control
- Contracts you have explicit authorization to analyze
- Open-source contracts for learning purposes
- Test contracts in development environments
2.2 Authorized Activities
You MAY:
- Integrate the Service into your CI/CD pipelines
- Share reports with your team and stakeholders
- Use findings to improve your code security
- Automate scanning through our API
- Generate compliance documentation
- Collaborate with team members on security reviews
3. Prohibited Use
3.1 Unauthorized Scanning
You may NOT:
- Scan contracts without owner authorization
- Use scanning to prepare attacks on contracts
- Scan contracts to identify exploit opportunities for malicious purposes
- Reverse engineer or extract proprietary code from third parties
3.2 Abuse of Service
You may NOT:
- Attempt to circumvent rate limits or quotas
- Share account credentials with unauthorized users
- Create multiple accounts to evade restrictions
- Use automation to abuse free tier limits
- Resell or redistribute the Service without authorization
3.3 Security Violations
You may NOT:
- Attempt to access other users' data
- Probe or test the vulnerability of our systems
- Interfere with Service availability
- Upload malicious code designed to harm our infrastructure
- Attempt to decrypt or intercept data
3.4 Illegal Activities
You may NOT use the Service for:
- Money laundering or terrorist financing
- Fraud or deception
- Violation of export control laws
- Any illegal purpose under applicable law
3.5 Harmful Content
You may NOT upload or transmit:
- Viruses, malware, or destructive code
- Content that infringes intellectual property
- Content designed to harass or harm others
4. Resource Limits
4.1 Fair Use
All plans include fair use expectations:
- Free: Personal learning and small projects
- Developer: Individual professional use
- Startup: Team use within stated limits
- Professional: Department or company-wide use
- Enterprise: Unlimited with custom terms
4.2 Rate Limits
API rate limits apply per plan:
- Respect stated limits
- Implement exponential backoff
- Do not attempt to circumvent limits
- Contact sales for higher limits
4.3 Storage
- Upload limits per scan
- Total storage limits per plan
- Excessive storage may be subject to additional charges
5. API Usage
5.1 API Keys
- Keep API keys confidential
- Rotate keys regularly
- Use separate keys for different environments
- Revoke compromised keys immediately
5.2 Automation
Automated use must:
- Respect rate limits
- Include proper error handling
- Not create excessive load
- Identify itself via User-Agent headers
5.3 Integration Guidelines
- Follow our API documentation
- Test in staging before production
- Handle errors gracefully
- Report bugs responsibly
6. Shared Resources
6.1 System Resources
BlockSecOps uses shared infrastructure. You agree to:
- Not monopolize system resources
- Accept fair scheduling of scan jobs
- Use appropriate scan presets for your needs
- Not run excessive parallel scans
6.2 Queue Etiquette
- Avoid submitting duplicate scans
- Use webhooks instead of polling
- Cancel scans you no longer need
- Schedule large batch jobs during off-peak hours
7. Vulnerability Disclosure
7.1 Reporting Bugs
If you discover a security vulnerability in BlockSecOps:
- Report it to [email protected]
- Do not publicly disclose before we respond
- Allow reasonable time for remediation
- Do not exploit the vulnerability
7.2 Responsible Disclosure
We appreciate responsible disclosure and:
- Acknowledge all valid reports
- Keep reporters informed of progress
- Credit reporters (with permission)
- May offer bug bounty rewards
8. Content Standards
8.1 User-Generated Content
Content you create (reports, comments, annotations) must not:
- Contain hate speech or harassment
- Include personally identifiable information of others
- Violate confidentiality agreements
- Infringe on intellectual property
8.2 Team Communication
When using team features:
- Communicate professionally
- Respect colleagues
- Follow your organization's policies
- Report inappropriate behavior
9. Third-Party Services
9.1 Integrations
When connecting third-party services:
- Only connect services you're authorized to use
- Follow those services' terms of use
- Protect credentials and tokens
- Disconnect services when no longer needed
9.2 Webhooks
When configuring webhooks:
- Only send data to authorized endpoints
- Secure webhook secrets
- Handle webhook data responsibly
- Comply with data protection laws
10. Enforcement
10.1 Monitoring
We may monitor usage to:
- Detect and prevent abuse
- Ensure fair resource allocation
- Investigate reported violations
- Improve Service performance
10.2 Violations
Violation of this AUP may result in:
- Warning notification
- Temporary suspension
- Permanent account termination
- Legal action if warranted
10.3 Appeals
If you believe action was taken in error:
- Email [email protected]
- Provide relevant context
- Allow reasonable time for review
11. Reporting Violations
11.1 How to Report
Report suspected violations to:
- Email: [email protected]
- Include details and evidence
- We will investigate confidentially
11.2 Cooperation
You agree to cooperate with investigations:
- Provide requested information
- Preserve relevant data
- Respond to inquiries promptly
12. Changes to This Policy
We may update this AUP as needed. Changes will be:
- Posted with updated date
- Communicated for significant changes
- Effective immediately upon posting
13. Contact
For questions about this policy:
Email: [email protected]
Abuse Reports: [email protected]
Security Reports: [email protected]