If you discover a security vulnerability in the Tunnels Protocol, please report it by emailing:
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes (optional)
We will acknowledge receipt within 48 hours and provide a detailed response within 7 days.
This policy covers:
- tunnels-node
- tunnels-core
- tunnels-sdk
- tunnels-wallet
- All other crates in this repository
We ask that you:
- Give us reasonable time to address the issue before public disclosure
- Avoid accessing or modifying other users' data
- Act in good faith to avoid privacy violations and service disruption