Security

Core practices

• TLS in transit; encryption at rest where applicable.
• Least-privilege access; secrets rotated.
• Audit logging for key actions.

Responsible disclosure

Report vulnerabilities to security@ghostwall.org. We acknowledge within 72 hours.

Policy: /.well-known/security.txt