The WeVibe Network is in pre-production alpha. We take security seriously and welcome responsible disclosure.
Do not file public GitHub issues for security vulnerabilities.
Please email security reports to: security@wevibe.network
Include:
- Description of the vulnerability
- Steps to reproduce
- Affected component(s)
- Suggested mitigation (if any)
We will acknowledge receipt within 72 hours and provide a status update within 7 days.
During alpha, only the latest commit on main of each repository
receives security updates.
In scope:
- All code in github.com/WeVibe-Network/*
- Protocol design flaws
- Cryptographic weaknesses
Out of scope:
- Third-party dependencies (report upstream)
- Denial of service from a single client
- Issues requiring physical access