Email security@bitsafe.finance with:
- A clear description of the issue
- Steps to reproduce
- Impact assessment (what an attacker could do)
- Your contact info for follow-up
We will:
- Acknowledge within 48 hours
- Triage and respond with timeline within 5 business days
- Credit you in the fix announcement (unless you prefer anonymity)
This repo contains docs + non-runtime code snippets. Most security work for NanoClaw itself happens at the upstream framework repo.
If your finding is about BitSafe's production infrastructure (not just the docs), please reach out via security@bitsafe.finance directly.
- Issues only present on forks
- Theoretical issues without a working proof-of-concept
- Social engineering