Skip to content

Security: qlrd/kdk

Security

SECURITY.md

Security Policy

⚠️ KDK is experimental software. It has not been audited. Do not use it with real funds. Until at minimum a third-party audit exists, treat every address it derives as test material — even on mainnet.

Please do not file a public issue for security-sensitive reports.

Contact the maintainer privately:

  • Email: qlrddev@proton.me
  • GPG / age key: C43B 4A53 2527 3ABA 93A8 EED5 B388 2972 8980 AA8B

Include a clear description of the issue and affected component, reproduction steps and your assessment of severity and exploitability.

Response time goals (best-effort, not a contractual SLA, 7 days). If you don't receive a response within 7 days, please escalate via public issue but only stating that you reported a security issue privately.

There aren't any published security advisories