Skip to content

Security: ethereumclassic/ECIPs

Security

SECURITY.md

Security Policy

Security concerns with each individual ECIP should be addressed to the ECIP authors, the specified discussion-to locations, or ECIP editors. Note that when an ECIP is already deployed, it is recommended to talk privately with the ECIP authors or ECIP editors first.

Security alerts related to the website source code will be addressed by ECIP editors. Security concerns related to hosting and delivery of the ecips.ethereumclassic.org website will be addressed by either org admins or ECIP editors. They will not be made public until mitigating solutions are identified. Once a remedy is found, part of the repair process may be automated by Dependabot.

This site is licensed via multiple permissive and open source licenses, as specified in each ECIP.

Supported Branches

The only supported branch for specifications and website is the master branch.

Reporting a Vulnerability

For specification related security concerns, please contact the corresponding ECIP authors or ECIP editors (the list can be found in ECIP-1000). The PGP keys of community members can be fetched from the volunteer repository.

For website source code related concerns, please contact ECIP editors as in ECIP-1000. For security concerns related to hosting and delivery of ecip.ethereumclassic.org website, please contact security@ethereumclassic.org or ECIP editors.

There aren’t any published security advisories