Skip to content

Security: OmniLayer/omnicore

Security

SECURITY.MD

Security Policy

Supported Versions

The Omni Layer protocol evolves over time. To avoid any consensus divergences, for example when a user with an old version considers a transaction as valid, while it is actually invalid under new rules, it is recommended to always run the latest version of Omni Core:

https://github.com/OmniLayer/omnicore/releases

Reporting a Vulnerability

To report security issues please send an email to security-reports [at] omni.foundation.

The following GPG key may be used to communicate sensitive information to developers:

Fingerprint
71B2 0841 5A58 2ECF 24DC E001 0F56 E9F2 BCDA 0142
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBF6i8lIBCAC/eSYQlqtw/d6pQdAFd+WXkyIr8UccQR7BIFq6ZD3ITlH8ofpZ
77MgovTmmyAbnTgxc+tw0MzjJX1tUGzA1u1cnpsSoHr0Zke4DLvi9uGkbACZcbjZ
qPbK0PjqlXppoxz/IBSsqgku46mAiElPmUqGf0QapmsyJlzGSp5MtSZbJSTXCD4F
AUFtiQxsLKralgdVmxbb7ljtgc0NBf1bDKtcJ3wFDY9RjW33e+ezbxPC4akyzlCO
2X6BkhOK8GcRPeprlDdoVDK3NlzxI/RN8GFp8am5q3y1+35zmFsRkJl2B0MriUah
Mef5TDz4VihYzMz8Zbdt5wpSLDKABSVo9mgpABEBAAG0OE9tbmkgU2VjdXJpdHkg
UmVwb3J0cyA8c2VjdXJpdHktcmVwb3J0c0BvbW5pLmZvdW5kYXRpb24+iQFUBBMB
CAA+FiEEcbIIQVpYLs8k3OABD1bp8rzaAUIFAl6i8lICGwMFCQPCga4FCwkIBwIG
FQoJCAsCBBYCAwECHgECF4AACgkQD1bp8rzaAULRRQf/f2bdksTmdrVE5duQuC1s
xXnhATx4Vsf9xo+KWxZDWXKUg45+2vkhsn1JV4dj6rmttDnq5JrQeGhqHyTwLW9P
vja216ayUr1Qa7vNAI8kIWnOmsKNW5mlm7DNANfpBM3gSflHzr/O9Kk2RIAaRvJw
L4U/878aYvhiCzCVcBOsp4TgmY4P4F2z4WqhsP5dej/J8EdLvdIXgwfpsAv4F3NI
D+WfGahaiZW8M4PbFUtTkpaiADfI5DjUUh5xyycT9O10TbUTL9XKA9ByhaHFzrTm
CkNumi3gPHGsOtnbpxImHq9iEoCrMtOTYcdX7EdV2VltpOvmxTf7c/4JWjyxoWE6
irkBDQReovJSAQgA1XcPraOyKx8YI03eKiJ/oc8iovvR38UllerpSMmr2SVv2AzD
WoITc472vsy0uO8iT1X9hvcfvBDpkb9ChOytU87LTaTSpyU6mSIJeshNfiGTrnbO
byMkvrTpXULo+i1NR/QeM0GIctXE1yIds8qjLP+rK5D7yYOtogGfNIUnsZRQGfPR
w3Yy6lpAQP7sqMFEEu7zUsGLa/HYEcF7pVC/7VGmud3t2R6tL2FR/aygFlptVObE
SgNB6I77IBNQMVxMlaqlzHLyZk7mzgJTZ6RyuntjK1a6ZxenOM1BOpgXNcnOun+Y
FCNqRt/qp6kr0SBYuWNs87R0G1X3YsOTWguB9wARAQABiQE8BBgBCAAmFiEEcbII
QVpYLs8k3OABD1bp8rzaAUIFAl6i8lICGwwFCQPCga4ACgkQD1bp8rzaAUJyJwf7
BNh2ZrmSMkY1NUJXyo8Pf0zuT06xZr8duTpVhY2W9eSq57oxx+aE/840ZwPt/3F7
Iat9BNSUcn2s+t0+fPtx9+UPh8pem4U1L5JBfjFiAI5d1z2wxtq+Kerx/FHRdPt2
bze2cPjGUmaT5DNMLYWmqkRghU3Liixu33yNhrCCsaRHL0m92FOsyL6ljGZ/gd7u
sm5sgwxis1frpkeo/1kcImb+1WIF2xNGZ3obAkTCEXfFv0f8O701hvF2hMl8pYD2
UVJNyy6tJP8eLmzsA3jbJjmTGlrV1xqLjz6dLJmG4+n6DCj6B1lIBB/PR5TuJ3/G
Vi7sTb/b5XFCI1JKej2raA==
=97AU
-----END PGP PUBLIC KEY BLOCK-----

You can also import a key by running the following command with the fingerprint: gpg --recv-keys "<fingerprint>". Ensure that you put quotes around fingerprints containing spaces.

There aren’t any published security advisories