Security

Report a vulnerability

SECURITY.md

Security Policy

Audit Status

Component	Status	Auditor
opnet	Audited	Verichains

Supported Versions

Version	Status
1.8.x	Supported
< 1.7	Not supported

Reporting a Vulnerability

DO NOT open a public GitHub issue for security vulnerabilities.

Report vulnerabilities through GitHub Security Advisories.

Include:

Description of the vulnerability
Affected version(s)
Steps to reproduce
Potential impact
Suggested fix (if any)

Response Timeline

Action	Timeframe
Initial response	48 hours
Vulnerability assessment	7 days
Patch development	14-30 days
Public disclosure	After patch

Security Scope

In Scope

Provider implementations (JSON-RPC, WebSocket)
Contract interactions and ABI encoding/decoding
Transaction building and signing
UTXO management
Cryptographic operations

Out of Scope

Third-party dependencies (report to respective maintainers)
User application logic errors
Issues in development/test environments only

Contact

Security Issues: GitHub Security Advisories
General Issues: GitHub Issues
Website: opnet.org

There aren’t any published security advisories