The Zimbabwe Digital Dollar (ZDD) is a regulated stablecoin project. Security is a top priority. This document outlines the responsible reporting process for vulnerabilities, issues, or concerns regarding the ZDD smart contracts and supporting code.

If you discover a security vulnerability, do not open a public GitHub issue. Instead, report it responsibly using the official contact:

Email: security@zddollar.io

Include the following information:

• Detailed description of the issue
• Steps to reproduce the vulnerability
• Potential impact if exploited
• Any suggested mitigation (optional)

The security policy covers:

• Smart contracts (ZDD.sol and related contracts)
• Supporting libraries and scripts in this repository
• Off-chain compliance and governance logic documented here

• The core team aims to acknowledge security reports within 72 hours
• Valid reports will be investigated immediately
• Critical vulnerabilities will be patched and disclosed responsibly

• Do not exploit discovered vulnerabilities
• Do not publicly disclose issues until patches are released
• Coordinated disclosure ensures the safety of the ZDD ecosystem

For all security-related reports, contact:

Email: security@zddollar.io