The following table shows which versions of this project are currently receiving security updates.
| Version | Supported |
|---|---|
| 0.2.x | ✅ |
| < 0.2 | ❌ |
Older versions (< 0.2.x) are no longer supported.
Please upgrade to the latest release to ensure you receive security fixes.
If you discover a security vulnerability affecting the TRAC Network,
please do not disclose it publicly (e.g., on social media, Discord, or GitHub Issues).
Instead, report it responsibly and confidentially through one of the following contacts:
- 📧 info@trac.network — protocol, API, infrastructure, or tooling vulnerabilities
Alternatively, you can use the “Report a vulnerability” option on GitHub if available.
- Do not exploit or test vulnerabilities on mainnet.
Use testnet environments or isolated local nodes for proof-of-concepts (PoCs). - Include clear and reproducible details in your report:
- affected component or module,
- minimal proof of concept (PoC) showing the issue,
- expected vs. actual behavior,
- estimated impact (e.g., fund loss, network instability, or data integrity issue),
- any relevant logs or transaction hashes if applicable.
- Please avoid:
- phishing or social engineering,
- denial-of-service (DoS) or spam tests,
- public disclosure before coordinated remediation.
- You will receive an acknowledgment within 72 hours of submission.
- The TRAC Network security team will investigate and validate the issue.
- If confirmed, we’ll provide updates on the remediation plan and timeline.
- After a fix is deployed, we may publicly recognize your contribution (with your consent).
Thank you for helping us keep the TRAC Network ecosystem secure and resilient 💙