Security Policy

Thank you for helping keep Synaptao and WalletAI users safe. We accept responsible disclosures for vulnerabilities affecting synaptao.space and the WalletAI Chrome extension.

How to report

Email security@tenseuron.com. Up-to-date contact info is published at /.well-known/security.txt per RFC 9116.

What to include

• A clear description of the issue and its impact.
• Steps to reproduce (minimal proof-of-concept preferred).
• Affected URLs, extension version, or commit hashes.

Our commitments

• We acknowledge new reports within 5 business days.
• We will coordinate a disclosure timeline and credit you publicly with your permission.
• We will not pursue legal action against good-faith research that follows this policy.

Out of scope

• Automated scanning that degrades service for live users.
• Social engineering of staff or contributors.
• Findings only reproducible on outdated software or browsers.