← Back to home

Security

Last updated: September 7, 2025

Security-by-design principles we follow

• Mandatory 2FA for admins and least-privilege access.
• HTTPS everywhere; hardened CI/CD and dependency monitoring.
• Timely patching of vulnerabilities and rotating credentials.
• We never ask for private keys or passwords from users.

Report a vulnerability

Found a potential issue? Email security@trustchainx.io. We aim to acknowledge within 2 business days.

Coordinated disclosure guidelines

• Give us reasonable time to investigate and fix before public disclosure.
• Do not access, modify, or download other users’ data.
• No DDoS, spam, social engineering, or physical attacks.
• Stop testing and notify us immediately if you suspect data exposure.

Scope

• trustchainx.io and email addresses under @trustchainx.io.

Out of scope

• Rate-limiting/DoS without a practical exploit.
• SPF/DMARC observations without bypass.
• Clickjacking with no sensitive action.
• Attacks requiring device compromise or on-path network control (MITM).
• Fully automated scans without proof of impact.

© 2025 TS MIAMI GLOBAL LLC. All rights reserved.