btcpay-plugin/SECURITY.md

# Security Policy

## Supported Versions

We currently support the following versions of the Lethean plugin for BTCPayServer:

| Version | Supported   |
|---------|-------------|
| 1.1.x   | ✅ Yes       |
| 1.0.x   | ❌ No        |

## Reporting a Vulnerability

If you discover a security vulnerability, we strongly encourage responsible disclosure.

Please **do not** create public GitHub issues or pull requests for security-related matters.

Instead, report it privately by contacting repository admins:

- Matrix: [#btcpay-lethean:matrix.org](https://matrix.to/#/#btcpay-lethean:matrix.org)

Include as much information as possible:
- Vulnerability description
- Affected version(s)
- Reproduction steps or proof-of-concept
- Impact assessment

We aim to respond within **3 days** and will coordinate disclosure once a fix is available.

## Security Best Practices

When contributing code, please follow these security practices:
- Validate and sanitize all external inputs
- Avoid using deprecated or insecure libraries
- Do not hardcode credentials or secrets
Create SECURITY.md (#42) 2025-06-22 09:59:03 -05:00			`# Security Policy`

			`## Supported Versions`

rebrand(lethean): update branding, ports, and config for Lethean blockchain - Coin: Zano → Lethean, ticker: ZAN/ZANO → LTHN - Ports: 11211 → 36941 (mainnet RPC), 46941 (testnet RPC) - Wallet: 11212 → 36944/46944 - Address prefix: iTHN - URLs: zano.org → lethean.io - Explorer links: explorer.lthn.io Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-01 22:24:13 +01:00			`We currently support the following versions of the Lethean plugin for BTCPayServer:`
Create SECURITY.md (#42) 2025-06-22 09:59:03 -05:00
Auto load wallet on start up if available and deprecate password Co-authored-by: Deverick <5827364+deverickapollo@users.noreply.github.com> 2026-01-13 18:53:53 +01:00			`\| Version \| Supported \|`
			`\|---------\|-------------\|`
			`\| 1.1.x \| ✅ Yes \|`
			`\| 1.0.x \| ❌ No \|`
Create SECURITY.md (#42) 2025-06-22 09:59:03 -05:00
			`## Reporting a Vulnerability`

			`If you discover a security vulnerability, we strongly encourage responsible disclosure.`

			`Please do not create public GitHub issues or pull requests for security-related matters.`

			`Instead, report it privately by contacting repository admins:`

rebrand(lethean): update branding, ports, and config for Lethean blockchain - Coin: Zano → Lethean, ticker: ZAN/ZANO → LTHN - Ports: 11211 → 36941 (mainnet RPC), 46941 (testnet RPC) - Wallet: 11212 → 36944/46944 - Address prefix: iTHN - URLs: zano.org → lethean.io - Explorer links: explorer.lthn.io Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> 2026-04-01 22:24:13 +01:00			`- Matrix: [#btcpay-lethean:matrix.org](https://matrix.to/#/#btcpay-lethean:matrix.org)`
Create SECURITY.md (#42) 2025-06-22 09:59:03 -05:00
			`Include as much information as possible:`
			`- Vulnerability description`
			`- Affected version(s)`
			`- Reproduction steps or proof-of-concept`
			`- Impact assessment`

			`We aim to respond within 3 days and will coordinate disclosure once a fix is available.`

			`## Security Best Practices`

			`When contributing code, please follow these security practices:`
			`- Validate and sanitize all external inputs`
			`- Avoid using deprecated or insecure libraries`
			`- Do not hardcode credentials or secrets`