Skip to content
This repository was archived by the owner on Feb 17, 2026. It is now read-only.

Security: BitBadges/bitbadges-tools

Security

SECURITY.md

Security Policy

Supported Versions

Version Supported
Latest

Reporting a Vulnerability

We take security seriously at BitBadges. If you discover a security vulnerability, please report it responsibly.

How to Report

  1. Do NOT open a public GitHub issue for security vulnerabilities
  2. Email us at: security@bitbadges.io
  3. Include:
    • Description of the vulnerability
    • Steps to reproduce
    • Potential impact
    • Any suggested fixes (optional)

What to Expect

  • Acknowledgment: Within 48 hours
  • Initial Assessment: Within 7 days
  • Resolution Timeline: Depends on severity, typically 30-90 days

Scope

This policy applies to:

  • bitbadgeschain (blockchain)
  • bitbadgesjs (SDK)
  • bitbadges-indexer (API/indexer)
  • bitbadges-frontend (web app)
  • All other BitBadges repositories

Recognition

We appreciate responsible disclosure and may publicly acknowledge security researchers who report valid vulnerabilities (with permission).

Security Best Practices

When integrating with BitBadges:

  • Always validate signatures and proofs
  • Use HTTPS for all API calls
  • Keep dependencies updated
  • Follow the principle of least privilege

There aren’t any published security advisories