The Omnify team is committed to maintianing the security, integrity and safety of all our users' data and transactions. This security policy outlines our procedures for handling security vulnerabilities and our disclosure policy.
This project only supports the latest release which is v1.1.9 for the landing page and v1.2.0 for the dapp. We recommend that users always use the latest version of Omnify.
Upon discovery of a vulnerability, reach out to any of the repository's contributors via their E-mail or Telegram (if declared).
Please provide the following details when reporting a vulnerability:
- Which network you found the vulnerability on
- Which one of Omnify's features the vulnerability exists in
- A clear description of the vulnerability
- Steps to reproduce
- Any relevant code or config files
We follow a private disclosure policy. If you discover a security vulnerability, please report it privately via email or telegram to any of the contacts listed above. We will work to resolve it as quickly as possible.
We will not publicly disclose security vulnerabilities until a patch or fix is available.
We take security vulnerabilities very seriously and will respond to any claims about a vulnerability. Our plan of action is:
- Reviewing the report and debugging the vulnerability.
- Integrate a patch or fix for the vulnerability.
- Test the patch or fix.
- Deploying the patch or fix promptly.
- Notifying our community that the vulnerability has been patched or fixed.
This SECURITY.md file is based on the GitHub Security Policy Template.
Thank you for striving to keep Omnify secure!