Skip to content

Security: Sats-Terminal/borrow-sdk-example

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in this project, please report it responsibly.

Please do NOT open a public issue for security vulnerabilities.

Instead, please report security issues by emailing the maintainers directly or through GitHub's private vulnerability reporting feature.

What to Include

When reporting a vulnerability, please include:

  1. Description of the vulnerability
  2. Steps to reproduce the issue
  3. Potential impact
  4. Any suggested fixes (if applicable)

Response Timeline

  • We will acknowledge receipt within 48 hours
  • We will provide an initial assessment within 7 days
  • We will work with you to understand and resolve the issue

Scope

This security policy applies to the example application code in this repository.

For security issues related to the @satsterminal-sdk/borrow SDK itself, please report those to the Sats Terminal team directly.

Best Practices for Users

When using this example:

  1. Never commit API keys - Keep your .env file private
  2. Use testnet first - Always test on testnet before mainnet
  3. Keep dependencies updated - Regularly run pnpm update
  4. Review code changes - Understand any modifications before deploying

Supported Versions

Version Supported
1.x.x
< 1.0

Thank you for helping keep this project secure!

There aren't any published security advisories