| Version | Supported |
|---|---|
| 1.0.x | ✅ |
| < 1.0 | ❌ |
We take the security of MicroLend seriously. If you believe you have found a security vulnerability, please report it to us as described below.
Please send a detailed report to [email protected] with:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any suggested fixes (if available)
- Initial Response: You will receive an acknowledgment within 24 hours.
- Status Updates: We will provide updates every 48-72 hours on the progress.
- Resolution Timeline: We aim to resolve critical issues within 7 days.
- All smart contract interactions are audited
- Regular security assessments are performed
- Emergency stop mechanism for critical situations
- Multi-signature requirements for admin functions
-
Wallet Security
- Use hardware wallets when possible
- Never share private keys
- Keep wallet software updated
-
Platform Usage
- Verify transaction details before signing
- Monitor loan health regularly
- Enable notifications for important events
-
Account Security
- Use strong passwords
- Enable two-factor authentication
- Regular security audits
- Formal verification of critical functions
- Rate limiting on sensitive operations
- Comprehensive access controls
- Emergency shutdown capability
- Input validation and sanitization
- Secure communication protocols
- Regular dependency updates
- XSS and CSRF protection
- DDoS protection
- Regular security patches
- Encrypted data storage
- Automated monitoring
We kindly ask you to:
- Allow us time to investigate and fix the issue
- Keep vulnerability details private until fixed
- Avoid accessing or modifying user data
- Act in good faith to avoid privacy violations