| Component | Status | Auditor |
|---|---|---|
| transaction | Audited | Verichains |
| Version | Status |
|---|---|
| 1.7.x | Supported |
| < 1.7 | Not supported |
DO NOT open a public GitHub issue for security vulnerabilities.
Report vulnerabilities through GitHub Security Advisories.
Include:
- Description of the vulnerability
- Affected version(s)
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
| Action | Timeframe |
|---|---|
| Initial response | 48 hours |
| Vulnerability assessment | 7 days |
| Patch development | 14-30 days |
| Public disclosure | After patch |
- Transaction parsing and validation
- Cryptographic operations (signatures, hashing)
- Address handling and derivation
- Network communication protocols
- UTXO management
- Script parsing and execution
- Third-party dependencies (report to respective maintainers)
- User application logic errors
- Issues in development/test environments only
- Security Issues: GitHub Security Advisories
- General Issues: GitHub Issues
- Website: opnet.org