Skip to content

Security: metagov/daostar

Security

SECURITY.md

Security Policy

Introduction

DAOstar is committed to maintaining the highest standards of security across all its components. We value the contributions from our community in identifying and resolving security vulnerabilities, and we are dedicated to ensuring the safety and integrity of our project.

Reporting a Vulnerability

If you discover a security vulnerability in DAOstar, please report it to our Security Management Team immediately. You can reach us via the following email addresses:

Please email a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. Our vulnerability management team will respond within 3 working days of your email. If the issue is confirmed as a vulnerability, we will open a Security Advisory. This project follows a 90 day disclosure timeline.

Supported Versions

Version Supported
v1.0.0

Security Update Policy

DAOstar releases regular updates to address security vulnerabilities and improve system integrity. Critical security patches are deployed as soon as they are developed and tested. Users will be notified of these updates through our mailing list, GitHub notifications, and announcements on our official channels.

Security Best Practices

We recommend that all users follow these key security practices:

  • Keep Software Up-to-Date: Regularly update your DAOstar components to the latest version to ensure you have the most recent security patches.
  • Use Strong Authentication: Implement strong, unique passwords and enable two-factor authentication (2FA) where possible.
  • Secure Configurations: Follow our secure configuration guidelines to minimize vulnerabilities.
  • Monitor and Audit: Regularly monitor your systems for suspicious activity and perform routine audits to ensure ongoing security.

There aren’t any published security advisories