Security policy

Security.

Farpy treats receipts, uploads, outputs, account access, worker integrity, and payment state as security-sensitive infrastructure.

Model

Outputs are private by default. Workers pull jobs. Public proof feeds expose safe metadata only.

Send vulnerability reports to security@farpy.com. Include impact, reproduction steps, affected route, and safe proof.

Do not attack workers, exfiltrate data, access private outputs, run destructive tests, or test payment abuse.

Farpy may restrict access, rotate secrets, preserve logs, and patch silently when needed.

Security: security@farpy.com · Abuse: abuse@farpy.com