# Security Policy

## Supported Versions
This repository documents an experimental smart-contract series (v0–v10) on Base.
Artifacts are provided for educational and demonstration purposes.
No active maintenance or patch guarantees are provided.

## Reporting a Vulnerability
Please report vulnerabilities **privately via GitHub Security Advisories** for this repository.

**How to report**
1. Open this repository on GitHub and go to **Security** ➝ **Advisories**.
2. Click **Report a vulnerability** (or **New draft security advisory**).
3. Include:
   - Affected version(s) (e.g., vX)
   - Network (Sepolia/Mainnet)
   - Contract address(es)
   - Detailed reproduction steps and impact
   - Suggested fix or mitigation, if any

**Acknowledgement & Timeline**
- We acknowledge receipt within **5 business days**.
- We will coordinate on a fix or mitigation and provide status updates.
- Please avoid public disclosure until we agree on a remediation timeline.