Full-node GUI wallet for DragonX cryptocurrency. Built with Dear ImGui, SDL3, and OpenGL3/DX11. Features: - Send/receive shielded and transparent transactions - Autoshield with merged transaction display - Built-in CPU mining (xmrig) - Peer management and network monitoring - Wallet encryption with PIN lock - QR code generation for receive addresses - Transaction history with pagination - Console for direct RPC commands - Cross-platform (Linux, Windows)
1.3 KiB
1.3 KiB
Security Policy
Reporting a Vulnerability
ObsidianDragon is a cryptocurrency wallet that handles private keys and funds. We take security seriously.
Do NOT report security vulnerabilities through public issues.
Instead, please report them privately:
- Email: security@dragonx.is
- Or contact the maintainers directly through the DragonX community channels
What to Include
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
Response Timeline
- Acknowledgement: Within 48 hours
- Assessment: Within 1 week
- Fix: As soon as possible, depending on severity
Scope
The following are in scope:
- Private key exposure or theft
- Wallet passphrase/PIN bypass
- RPC credential leakage
- Remote code execution
- Fund loss or misdirection
- Daemon communication interception
Recognition
We appreciate responsible disclosure and will credit reporters in release notes (unless anonymity is preferred).
Supported Versions
| Version | Supported |
|---|---|
| Latest release | Yes |
| Older releases | Best effort |
Security Best Practices for Users
- Always verify downloads against published checksums
- Use a strong passphrase or PIN to encrypt your wallet
- Keep your system and wallet software up to date
- Back up your wallet regularly