Security

SECURITY.md

Security Policy

Reporting a vulnerability

Please report security issues privately by opening a GitHub security advisory or contacting the maintainer directly.

Include:

Affected component/file
Reproduction steps
Potential impact
Suggested remediation (if available)

Scope

Security-sensitive areas include:

E2E handshake and encryption logic
Replay/rekey session handling
Relay authentication and rate-limiting logic
Deployment/TLS configuration

Disclosure

Do not publish exploit details before a fix is available.

There aren’t any published security advisories