We are at the very beginning of our journey (as of March 2025). While we build on the shoulders of giants like Rust and Polkadot SDK, following industry standards and best practices, it would be overly optimistic to expect a completely secure system at this stage. Our goal is to communicate transparently about any issues and address them swiftly and carefully.

If you discover a vulnerability or have a security concern, please report it to security@qfnetwork.xyz. A detailed explanation, including reproduction steps or a reference to the vulnerability source code, would be greatly appreciated!

Rule only for DevNet: Until major version is released we might not accept security update for minor or patch version.