Misc updates (#1663)

Nashtare · web-flow · commit 4e0834d71150 · 2025-01-30T15:46:51.000-05:00
diff --git a/LICENSE-APACHE b/LICENSE-APACHE
@@ -186,7 +186,7 @@ APPENDIX: How to apply the Apache License to your work.
    same "printed page" as the copyright notice for easier
    identification within third-party archives.
 
-Copyright [yyyy] [name of copyright owner]
+Copyright [2022-2025] The Plonky2 Authors
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
diff --git a/LICENSE-MIT b/LICENSE-MIT
@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2022 The Plonky2 Authors
+Copyright (c) 2022-2025 The Plonky2 Authors
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
diff --git a/README.md b/README.md
@@ -84,7 +84,10 @@ at your option.
 
 ## Security
 
-This code has not yet been audited, and should not be used in any production systems.
+This code has been audited prior to the `v1.0.0` release. The audits reports and findings are available in the [audits](./audits/) folder of this repository.
+An audited codebase isn't necessarily free of bugs and security exploits, hence we recommend care when using `plonky2` in production settings.
+
+If you find a security issue in the codebase, please refer to our [Security guidelines](./SECURITY.md) for private disclosure.
 
 While Plonky2 is configurable, its defaults generally target 100 bits of security. The default FRI configuration targets 100 bits of *conjectured* security based on the conjecture in [ethSTARK](https://eprint.iacr.org/2021/582).
 
@@ -93,12 +96,7 @@ Plonky2's default hash function is Poseidon, configured with 8 full rounds, 22 p
 
 ## Links
 
-#### Actively maintained
-
 - [Polygon Zero's zkEVM](https://github.com/0xPolygonZero/zk_evm), an efficient Type 1 zkEVM built on top of Starky and plonky2
-
-#### No longer maintained
-
 - [System Zero](https://github.com/0xPolygonZero/system-zero), a zkVM built on top of Starky
 - [Waksman](https://github.com/0xPolygonZero/plonky2-waksman), Plonky2 gadgets for permutation checking using Waksman networks
 - [Insertion](https://github.com/0xPolygonZero/plonky2-insertion), Plonky2 gadgets for insertion into a list
diff --git a/SECURITY.md b/SECURITY.md
@@ -1,5 +1,11 @@
 # Polygon Technology Security Information
 
+For findings related to plonky2 repository, please contact us with relevant information privately 
+through our security contact details: security@polygon.technology.
+
+Depending on the severity of the findings, the team may reserve the rights to keep the information private
+while addressing it internally, and disclose it along a new release after having informed relevant parties.
+
 ## Link to vulnerability disclosure details (Bug Bounty).
 - Websites and Applications: https://hackerone.com/polygon-technology
 - Smart Contracts: https://immunefi.com/bounty/polygon
