Black Relay Site Security Policy

Use mailto:hei@blackrelay.network for vulnerabilities that affect the public Black Relay website at *.blackrelay.network.

Reports should include the affected URL, reproduction steps, browser or client details, and the likely impact. Keep proof-of-concept material minimal and avoid including secrets, private player data, credentials or unrelated third-party information.

PGP is not supported for this contact route. Security mail is handled through Tuta/Tutanota's encrypted mailbox format.

Use the affected repository's GitHub Security reporting flow for repository code, dependency, CI, release or deployment issues: - blackrelay/site for this website. - blackrelay/api for the public API Worker. - blackrelay/registry for the Registry source-of-truth indexer and data pipeline.

For EVE Frontier, CCP Games, Fenris Creations, Cloudflare, Tuta/Tutanota, GitHub or other third-party services, use that project's own security contact.