If you believe you've found a security vulnerability in Karibu, please contact us immediately.

DO NOT disclose the vulnerability publicly.

Email: Abdullahiabdi1233@gmail.com

We take all security reports seriously and will respond as quickly as possible.

• Keep your API keys secure and never share them
• Test smart contracts thoroughly on testnet before deployment
• Keep your browser updated
• Verify contract addresses before interaction

After submitting your report, here's our response timeline:

We are committed to keeping you informed throughout this process with regular updates on our progress.

• Never share your Gemini API key or include it in client-side code
• Store your .env.local file securely and never commit it to public repositories
• Implement a regular schedule for API key rotation

• Always review the security analysis provided by Karibu before deployment
• Test contracts thoroughly on testnet before considering mainnet deployment
• Follow standard smart contract security best practices:
  • ✓ Check for reentrancy vulnerabilities
  • ✓ Validate all inputs
  • ✓ Handle edge cases in arithmetic operations
  • ✓ Implement proper access controls

• Keep your browser updated to the latest version
• Be cautious when interacting with third-party contracts
• Always verify contract addresses before interaction

Karibu includes several built-in security features to protect users:

We are continuously improving our security practices:

For any security-related questions or concerns not covered here, please contact us at Abdullahiabdi1233@gmail.com