Please report security issues privately and do not open a public GitHub issue.

• Preferred: GitHub Security Advisories (Security tab: "Report a vulnerability")
• Email: support@qryptcoin.org (include “SECURITY” in the subject)

Include as much detail as possible:

• Affected component(s) and versions/commit hash
• Steps to reproduce or a minimal demonstration
• Impact assessment (e.g., fund loss, RCE, DoS)
• Any suggested fix or mitigation

Security fixes are tracked on the main branch. Tagged releases (when published) are supported according to their release notes.

• Threat model: docs/security/threat-model.md
• Incident response plan: docs/security/incident-response-plan.md