ShadowLight Network takes security, safety, and responsible disclosure seriously.
We recognize that trust is foundational to adoption, collaboration, and long‑term success.
This document outlines how to report security issues and what to expect from us.
Security updates are provided for the latest released version of ShadowLight Network.
| Version | Supported |
|---|---|
| Latest release | ✅ Yes |
| Older versions | ❌ No |
If you are running an older version, please upgrade before reporting an issue.
Do NOT report security vulnerabilities through public GitHub issues or discussions.
If you discover a potential security issue, please report it responsibly using one of the following methods:
- Email:
security@shadowlight.network
(If this address is not yet active, use a private GitHub message to the repository owner.)
Please provide as much detail as possible:
- A clear description of the vulnerability
- Steps to reproduce (if applicable)
- Potential impact
- Any relevant logs, screenshots, or proof‑of‑concepts
We ask that you:
- Allow us reasonable time to investigate and address the issue
- Avoid public disclosure until a fix or mitigation is available
- Act in good faith and avoid exploitation of the issue
ShadowLight Network commits to:
- Acknowledge receipt of your report in a timely manner
- Investigate and assess the issue responsibly
- Communicate progress when appropriate
- Credit reporters when disclosure is made (if desired)
This security policy applies to:
- Core ShadowLight Network documentation
- Conceptual architectures
- Official workflows and tooling
Third‑party dependencies and external platforms are governed by their respective security policies.
Security in ShadowLight is not an afterthought.
It is treated as an integral part of system design, user trust, and long‑term resilience.
We appreciate the community’s role in helping keep ShadowLight strong.
Thank you for helping protect ShadowLight Network.