The following versions of Mainstay are currently being supported with security updates.

We take the security of Mainstay very seriously. If you believe you have found a security vulnerability in our smart contracts or core infrastructure, please report it to us as soon as possible.

Do not open a public GitHub issue for security vulnerabilities.

1. Report: Send an email to security@twintrust.io with details of the vulnerability.
2. Acknowledgment: We will acknowledge receipt of your report within 48 hours.
3. Investigation: Our team will investigate the issue and may contact you for further information.
4. Resolution: Once verified, we will work on a fix and coordinate a disclosure timeline.
5. Recognition: We value the work of security researchers and will provide credit in our release notes (unless you prefer to remain anonymous).

• Provide sufficient detail to reproduce the vulnerability.
• Give us reasonable time to resolve the issue before making any information public.
• Avoid privacy violations, destruction of data, and interruption or degradation of our service.

Thank you for helping us keep Mainstay secure!