Contact
Report security issues privately through the official security contact.
Email: security@atamo-atms.org
Security Policy
Responsible disclosure information and core security principles for the ATAMO project.
Responsible disclosure
ATAMO encourages responsible private disclosure of potential vulnerabilities. Public disclosure should be avoided until the issue has been reviewed and, where appropriate, addressed.
Disclosure expectations
- Provide a clear description of the issue.
- Include reproduction steps where possible.
- Allow time for review before public discussion.
Security principles
Multi-signature control
Sensitive authority is intended to be managed through a multisignature structure rather than a single administrative wallet.
Timelocked execution
Critical administrative actions must pass through a review period before execution, supporting transparency and external monitoring.
Minimal web attack surface
The official website is static and informational, reducing unnecessary server-side complexity.
Governance activity should be monitored through the public blockchain, the official contracts page, and the verification guidance published by the project.