# Security Policy
## Supported Versions

| Version | Supported |
|---------|-----------|
| Latest release | ✅ |
| Older releases | ❌ |

We recommend always running the latest version of PinchChat.
## Security Model
PinchChat is a **static frontend** that connects to your OpenClaw gateway via WebSocket. Key security properties:

- **No server-side code** — PinchChat is a pure client-side SPA served as static files
- **Runtime authentication** — gateway URL and token are entered at login and stored in `localStorage`, never baked into the build
- **No secrets in the image** — the Docker image contains only static assets; credentials are provided at runtime
- **No telemetry** — PinchChat does not phone home, collect analytics, or send data to third parties

### Token Handling

- The gateway token is stored in the browser's `localStorage`
- It is transmitted only over the WebSocket connection to your gateway
- Logging out clears the token from storage
- **If you serve PinchChat over the network, use HTTPS** to protect the token in transit

### Recommendations

- Always use `wss://` (WebSocket over TLS) in production
- Restrict gateway access to trusted networks or use a reverse proxy with authentication
- Rotate your OpenClaw gateway token periodically
- Do not share your browser's `localStorage` data

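The token-handling rules and the `wss://` recommendation above, as an added JavaScript example that is not part of PinchChat or of this policy: a client-side helper that refuses a plaintext `ws://` gateway URL for anything other than a loopback host, keeps the token only in web storage, and removes it on logout. The function names, the storage keys, and the in-memory stand-in for `localStorage` are assumptions made here so the code also runs outside a browser.

```javascript
// Added example, not PinchChat's own code. Storage keys and function names are assumed.
const TOKEN_KEY = "pinchchat.gatewayToken"; // assumed key
const URL_KEY = "pinchchat.gatewayUrl";     // assumed key

// Hosts for which a plaintext ws:// connection never leaves the machine.
const LOOPBACK_HOSTS = new Set(["localhost", "127.0.0.1", "[::1]"]);

// Returns { ok: true } or { ok: false, reason } for a candidate gateway URL.
// pageProtocol is window.location.protocol in the browser ("https:" or "http:").
function validateGatewayUrl(rawUrl, pageProtocol) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return { ok: false, reason: "not a valid URL" };
  }
  if (url.protocol !== "ws:" && url.protocol !== "wss:") {
    return { ok: false, reason: "scheme must be ws:// or wss://" };
  }
  if (url.username || url.password) {
    // Credentials in the URL end up in history, logs and error messages.
    return { ok: false, reason: "do not embed credentials in the URL" };
  }
  if (url.protocol === "ws:" && !LOOPBACK_HOSTS.has(url.hostname)) {
    // A plaintext WebSocket over the network exposes the token in transit.
    return { ok: false, reason: "use wss:// for non-loopback gateways" };
  }
  if (pageProtocol === "https:" && url.protocol === "ws:") {
    // Browsers block this as mixed content anyway; fail early with a clear message.
    return { ok: false, reason: "an https page may only open wss:// connections" };
  }
  return { ok: true };
}

// `storage` is any object with the Web Storage shape (getItem/setItem/removeItem),
// i.e. window.localStorage in the browser; injected so the helpers run under Node too.
function login(storage, gatewayUrl, token, pageProtocol) {
  const check = validateGatewayUrl(gatewayUrl, pageProtocol);
  if (!check.ok) throw new Error(`refusing gateway URL: ${check.reason}`);
  if (typeof token !== "string" || token.trim() === "") {
    throw new Error("token must be a non-empty string");
  }
  storage.setItem(URL_KEY, gatewayUrl);
  storage.setItem(TOKEN_KEY, token);
  return true;
}

// Logging out removes both the token and the gateway URL from storage.
function logout(storage) {
  storage.removeItem(TOKEN_KEY);
  storage.removeItem(URL_KEY);
}

function hasSession(storage) {
  return storage.getItem(TOKEN_KEY) !== null;
}

// Minimal in-memory stand-in for localStorage, used here for offline testing.
function memoryStorage() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => { m.set(k, String(v)); },
    removeItem: (k) => { m.delete(k); },
  };
}
```

In the browser you would call `login(window.localStorage, url, token, window.location.protocol)` from the login form and `logout(window.localStorage)` from the logout action; the loopback exception exists only so local development against a gateway on the same machine still works.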
## Reporting a Vulnerability
If you discover a security vulnerability, please report it responsibly:

1. **Do NOT open a public issue**
2. Email **contact@nicolasvarrot.fr** with:
   - A description of the vulnerability
   - Steps to reproduce
   - Potential impact
3. You will receive a response within 72 hours

We appreciate responsible disclosure and will credit reporters (unless they prefer anonymity).