DAOstar is committed to maintaining the highest standards of security across all its components. We value the contributions from our community in identifying and resolving security vulnerabilities, and we are dedicated to ensuring the safety and integrity of our project.

If you discover a security vulnerability in DAOstar, please report it to our Security Management Team immediately. You can reach us via the following email addresses:

• Rashmi: [email protected]
• Josh: [email protected]
• Mendes: [email protected]
• Aman: [email protected]

Please email a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. Our vulnerability management team will respond within 3 working days of your email. If the issue is confirmed as a vulnerability, we will open a Security Advisory. This project follows a 90 day disclosure timeline.

DAOstar releases regular updates to address security vulnerabilities and improve system integrity. Critical security patches are deployed as soon as they are developed and tested. Users will be notified of these updates through our mailing list, GitHub notifications, and announcements on our official channels.

We recommend that all users follow these key security practices:

• Keep Software Up-to-Date: Regularly update your DAOstar components to the latest version to ensure you have the most recent security patches.
• Use Strong Authentication: Implement strong, unique passwords and enable two-factor authentication (2FA) where possible.
• Secure Configurations: Follow our secure configuration guidelines to minimize vulnerabilities.
• Monitor and Audit: Regularly monitor your systems for suspicious activity and perform routine audits to ensure ongoing security.