This repository was archived by the owner on Apr 7, 2026. It is now read-only.

Security

SECURITY.md

Security Policy

Supported Versions

Version	Supported
Latest	✅

Reporting a Vulnerability

We take security seriously. If you discover a security vulnerability, please report it responsibly.

How to Report

DO NOT open a public GitHub issue for security vulnerabilities
Email security concerns to: aethermoregames@pm.me
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes

Response Timeline

Severity	Initial Response	Resolution Target
Critical	24 hours	7 days
High	48 hours	14 days
Medium	7 days	30 days
Low	14 days	90 days

What to Expect

Acknowledgment of your report within the response time
Regular updates on our progress
Credit in the security advisory (unless you prefer anonymity)
Notification when the vulnerability is fixed

Security Best Practices

For Developers

No secrets in code - Use environment variables or secret managers
Pin dependencies - Use lockfiles with hashes
Run security scans - Bandit for Python, npm audit for Node
Review PRs - All changes require review

SCBE-AETHERMOORE Security

This project implements the Symphonic Cipher / SCBE-AETHERMOORE security framework with:

Purpose	Algorithm	Standard
Key Encapsulation	ML-KEM-768	NIST FIPS 203
Digital Signatures	ML-DSA-65	NIST FIPS 204
Harmonic Scaling	H(d) = exp(d^2)	SCBE Axiom A12

Security Contacts

Email: aethermoregames@pm.me
GitHub Security Advisories: Configure in repo settings

There aren't any published security advisories