We take the security of qorechain-sdk and the QoreChain network seriously.
Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.
Instead, report them privately by email to:
Please include as much of the following as you can:
- A description of the vulnerability and its potential impact.
- Steps to reproduce, or a proof of concept.
- Any affected versions or packages.
- Suggested remediation, if you have one.
- We will acknowledge receipt of your report as soon as we can.
- We will investigate and keep you informed of our progress.
- We will work with you on coordinated disclosure once a fix is available.
We appreciate responsible disclosure and your help in keeping the ecosystem safe.
This project is in active development. Security fixes are applied to the latest released versions of each package. Older pre-release versions may not receive backported fixes.