Security Policy#

Deltakit takes security seriously. If you discover a potential vulnerability, please report it privately using the Report a Vulnerability feature on our repository. To minimise risk while we investigate the issue, please do not discuss the concern in a GitHub issue, pull request, or other public forum.

In your private report, please include:

  • a description of the issue and how it might be exploited,

  • your assessment of the severity of the threat,

  • steps that would trigger the vulnerability (if applicable),

  • any related platform or configuration details, and

  • information about any exploitations that have already occurred.

Once received, we will immediately acknowledge your report and reply with next steps. We will keep you informed of progress towards a fix, and we may ask for additional information or guidance. Once a fix is available, we will coordinate the disclosure notice with you, making every effort to credit your contribution unless you prefer to remain anonymous.

Thank you for your support!