We maintain security updates only for the most recent stable versions of FreeFlow. Older versions may become unsupported as the protocol evolves.
| Version | Supported |
|---|---|
| 1.1.x | yes |
| 1.0.x | no |
| < 1.0 | no |
If you discover a security vulnerability in FreeFlow, we strongly encourage you to report it privately and responsibly.
Please do not open public issues for security flaws.
- Email:
eermoluk3@gmail.com - Optionally use PGP encryption (key coming soon)
- You can also open a private GitHub Security Advisory if you prefer.
- You will receive a response within 5 business days
- We will investigate and, if necessary, prepare a fix within 14 days
- If confirmed, you’ll be credited in the changelog (if desired)
FreeFlow is built with decentralization, privacy, and user safety in mind. We welcome white-hat contributions and will prioritize vulnerabilities that affect:
- Device deanonymization
- Ledger tampering (PoCCA)
- Relay manipulation or DoS vectors
- Cryptographic exploits
Let’s build a resilient and censorship-resistant world together.