If you discover a security vulnerability in SolidityGuard itself (not in contracts you scan), please report it responsibly.
Email: maintainers@altresear.ch
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
Do NOT:
- Open a public issue for security vulnerabilities
- Exploit the vulnerability beyond what is needed to demonstrate it
- Acknowledgment: Within 48 hours
- Assessment: Within 1 week
- Fix: As soon as reasonably possible, depending on severity
This security policy covers:
- The SolidityGuard web application (solidityguard.org)
- The SolidityGuard desktop application
- The SolidityGuard CLI tool
- The backend API
This does not cover:
- Vulnerabilities in third-party tools (Slither, Mythril, etc.)
- Vulnerabilities in contracts you scan with SolidityGuard
| Version | Supported |
|---|---|
| Latest release | Yes |
| Older versions | No |