This security policy applies to the ELTA token contract in this repository.
Canonical deployment:
| Network | Address |
|---|---|
| Base mainnet | 0x6335495c88D1D78245BB50f321E4e450f865CfD0 |
The contract is immutable: no admin keys, no upgrade path, no pause, no blacklist, no mint path, no transfer fee. There is no on-chain remediation possible. Operational responses (disclosures, monitoring, advisories) are the only meaningful actions for any vulnerability that affects the deployed contract.
The contract was audited by Distrust LLC on 2026-03-26. Report: audits/2026-03-26-elata-distrust.pdf.
If you discover a security vulnerability in this project, please report it responsibly.
Do not open a public issue.
Instead, please email: security@elata.bio
Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fixes
- Initial response: within 48 hours
- Status update: within 7 days
- Resolution timeline: depends on severity (note: the deployed contract is immutable; resolution may consist of advisories rather than code changes)
Contact us for information about our bug bounty program.