If you discover a security vulnerability in this project, please report it responsibly.

Do NOT open a public GitHub issue for security vulnerabilities.

Instead, email us at hello@bondum.xyz with:

• A description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if any)

We will acknowledge receipt within 48 hours and provide a timeline for a fix.

This policy applies to the bondum-launchpad frontend application. For backend API vulnerabilities, please use the same email address.