This is an academic security research repository published by Innora AI Security Research Lab. All proof-of-concept demonstrations in this repository have been fully redacted — private keys, server addresses, production credentials, and other sensitive data have been removed or replaced with placeholders before public release.
For the full responsible disclosure timeline, see RESPONSIBLE-DISCLOSURE.md.
This repository contains historical research artifacts and is not a maintained software product. No version support matrix applies.
If you identify a security issue within this repository itself (e.g., accidentally committed sensitive data, a supply-chain risk in tooling, etc.), please report it responsibly:
- Email: feng@innora.ai
- Subject:
[SECURITY] hash-collision-lab — <brief description> - Response time: We aim to respond within 72 hours.
Please do not open a public GitHub issue for security-sensitive findings.
| In Scope | Out of Scope |
|---|---|
| Sensitive data accidentally present in this repo | Vulnerabilities in third-party tools referenced by the research |
| Security issues in the repository's CI/tooling | Theoretical weaknesses already documented in the paper |
All vulnerabilities described in this repository were reported to the affected vendor (Ant Group) before public disclosure, following the 90-day coordinated disclosure standard. See RESPONSIBLE-DISCLOSURE.md for the full timeline.
- Jiqiang Feng — feng@innora.ai
- Innora AI Security Research Lab — https://innora.ai