summaryrefslogtreecommitdiffstats
path: root/SECURITY.md
diff options
context:
space:
mode:
Diffstat (limited to 'SECURITY.md')
-rw-r--r--SECURITY.md12
1 files changed, 6 insertions, 6 deletions
diff --git a/SECURITY.md b/SECURITY.md
index fedabad..dca2848 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,7 +2,7 @@
## Supported Versions
-Currently, Veilith is in active development (version 0.9). Security updates are applied to the latest version only.
+Currently, Khimera is in active development (version 0.9). Security updates are applied to the latest version only.
| Version | Supported |
| ------- | ------------------ |
@@ -13,7 +13,7 @@ Currently, Veilith is in active development (version 0.9). Security updates are
**DO NOT** open public GitHub issues for security vulnerabilities.
-If you discover a security vulnerability in Veilith, please report it responsibly:
+If you discover a security vulnerability in Khimera, please report it responsibly:
### Preferred Method: Encrypted Email
@@ -37,7 +37,7 @@ If you discover a security vulnerability in Veilith, please report it responsibl
## Security Features
-Veilith implements multiple layers of defense:
+Khimera implements multiple layers of defense:
- **End-to-End Encryption**: Noise Protocol (XX pattern)
- **Forward Secrecy**: Automatic session key rotation
@@ -67,7 +67,7 @@ The following are considered **out of scope** for security reports:
Users should:
-1. Keep Veilith updated to the latest version
+1. Keep Khimera updated to the latest version
2. Verify binary signatures before installation
3. Use portable mode on untrusted systems
4. Enable emergency wipe if at risk
@@ -76,7 +76,7 @@ Users should:
## Cryptographic Implementation
-Veilith uses well-audited cryptographic libraries:
+Khimera uses well-audited cryptographic libraries:
- **Noise Protocol**: `flynn/noise` (Go implementation)
- **Tor**: Embedded Tor with authenticated bridges
@@ -86,7 +86,7 @@ We **never** implement custom cryptography.
## Bug Bounty
-Currently, Veilith does not offer a paid bug bounty program. However, we deeply appreciate responsible disclosure and will publicly credit researchers (with permission).
+Currently, Khimera does not offer a paid bug bounty program. However, we deeply appreciate responsible disclosure and will publicly credit researchers (with permission).
---