NEAR values the independent security research community and believes that responsible disclosure of security vulnerabilities helps us ensure the security and privacy of all our users.

Please do NOT raise a GitHub Issue to report a security vulnerability. If you believe you have found a security vulnerability, please submit a report to security@nearone.org, preferably with a proof of concept. We ask that you do not use other channels or contact project contributors directly.

Non-vulnerability-related security issues, such as new ideas for security features, are welcome on GitHub Issues.

We will provide security-related information such as a threat model, considerations for secure use, or any known security issues in our documentation. Please note that labs and sample code are intended to demonstrate a concept and may need to be sufficiently hardened for production use.