Security Disclosure

Last updated: May 4, 2026

Please report suspected vulnerabilities, account-safety issues, smart contract concerns, API exposure, signing bugs, or market-integrity issues responsibly.

Report Scope

Useful reports include reproducible impact on custody boundaries, order signing, settlement, paymaster limits, environment separation, API authorization, or data integrity.

Do Not

Do not access other users' data, disrupt service, perform social engineering, or attempt to move assets. Testing must not create new risk for users or public infrastructure.

Contact

Email: [email protected]. Include affected route or contract, reproduction steps, expected impact, and any relevant logs or transaction hashes.