Add SECURITY.md and ref April 2022 audit (#170)

Jonathan Claudius · web-flow · commit 724e671498b2 · 2022-05-10T12:15:58.000-04:00
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security
+
+## Bug Bounty Program (*work in progress*)
+
+We are in the process of designing a **bug bounty program** for Pyth.
+
+In the mean-time, if you find a security issue in Pyth, we ask that you reach out to our team via **[Discord](https://discord.com/invite/pythnetwork)**.
+
+## 3rd Party Security Audits
+
+We engage 3rd party firms to conduct independent security audits of Pyth.  At any given time, we likely have multiple audit streams in progress.
+
+As these 3rd party audits are completed and issues are sufficiently addressed, we make those audit reports public.
+
+- **[April, 8, 2022 - Zellic](https://github.com/pyth-network/audit-reports/blob/main/2022_04_08/pyth_oracle_client_zellic.pdf)**
+    - **Scope**: *Pyth Client*
