Currently, ShadowLink is in early alpha development. Only the master branch is supported for security updates.

ShadowLink takes privacy and security extremely seriously. If you discover a vulnerability, especially one concerning the Onion Routing cryptography, DHT poisoning, memory safety, or traffic deanonymization, we would like to know about it so we can take steps to address it as quickly as possible.

Please do not report security vulnerabilities through public GitHub issues.

Instead, please send a private message to the repository maintainer directly. You can expect a response within 48 hours.

When reporting a vulnerability, please provide:

• A detailed description of the vulnerability and its impact.
• Steps to reproduce the issue.
• Any potential mitigation or solutions you can suggest.

We will acknowledge your report, investigate immediately, and work with you to safely deploy a patch before public disclosure.